rms | 7c3025d17d0afb72d9a8c72576ec49101483281603b51384390c37d0bd6699e2 | Triage

Submit
Reports

Overview

overview

Static

static

7c3025d17d...e2.exe

windows7_x64

7c3025d17d...e2.exe

windows10_x64

Sharing

General

Target

7c3025d17d0afb72d9a8c72576ec49101483281603b51384390c37d0bd6699e2
Size

5.0MB
Sample

220129-gr7qfaefe2
MD5

b0eaabc3ce13ddd873611ed651f40a34
SHA1

747ae815dfd46c8c5a790927c2d13f1eafc8b961
SHA256

7c3025d17d0afb72d9a8c72576ec49101483281603b51384390c37d0bd6699e2
SHA512

e6465845fbf63dba43e41c6b95fe1d399c83625ee774d4c7f414c894f1cbe905ab878139d19e943f3773b1c6f2f2c8cc55ca57530b91812e5c0924e64f295c65

Score

10^/10

rms evasion rat trojan

Static task

static1

Behavioral task

behavioral1

Sample

7c3025d17d0afb72d9a8c72576ec49101483281603b51384390c37d0bd6699e2.exe

Resource

win7-en-20211208

rms evasion rat trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

7c3025d17d0afb72d9a8c72576ec49101483281603b51384390c37d0bd6699e2.exe

Resource

win10-en-20211208

rms evasion rat trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  7c3025d17d0afb72d9a8c72576ec49101483281603b51384390c37d0bd6699e2
- Size
  
  5.0MB
- MD5
  
  b0eaabc3ce13ddd873611ed651f40a34
- SHA1
  
  747ae815dfd46c8c5a790927c2d13f1eafc8b961
- SHA256
  
  7c3025d17d0afb72d9a8c72576ec49101483281603b51384390c37d0bd6699e2
- SHA512
  
  e6465845fbf63dba43e41c6b95fe1d399c83625ee774d4c7f414c894f1cbe905ab878139d19e943f3773b1c6f2f2c8cc55ca57530b91812e5c0924e64f295c65
Score

10^/10

rms evasion rat trojan
- RMS
  Remote Manipulator System (RMS) is a remote access tool developed by Russian organization TektonIT.
  trojan rat rms
- Executes dropped EXE
- Sets file to hidden
  Modifies file attributes to stop it showing in Explorer etc.
  evasion
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

rmsevasionrattrojan

behavioral2

rmsevasionrattrojan

© 2018-2025

Terms | Privacy