General
-
Target
06a2a3286b0fe016d48634d2b01bb27217249a1ffd92a46e60c174e8cc9f5a99
-
Size
463KB
-
Sample
220129-xhksbaffel
-
MD5
58f452ecde75e0eed7dceea9bce4b244
-
SHA1
c0aa35f3619c163a28ed0d0cfb0695518b7f4e74
-
SHA256
06a2a3286b0fe016d48634d2b01bb27217249a1ffd92a46e60c174e8cc9f5a99
-
SHA512
85ee6f69120bcf804b63b22e1468da17104e1927859ca30daa72fbc1a15c9238b57c7738f007a99737b727ad62d28801c83e4845d84ee9b3f45371e234c33f4e
Malware Config
Extracted
-
Family
remcos
-
Version
3.3.2 Pro
-
Botnet
xoftman
-
C2
pandemic4u.awsmppl.com:2404
pandemic4u1.nerdpol.ovh:7782
pandemic4u2.awsmppl.com:2404
pandemic4u0.awsmppl.com:7782
-
audio_folder
MicRecords
-
audio_path
%AppData%
-
audio_record_time
5
-
connect_delay
0
-
connect_interval
1
-
copy_file
remcos.exe
-
copy_folder
Remcos
-
delete_file
false
-
hide_file
false
-
hide_keylog_file
false
-
install_flag
false
-
install_path
%AppData%
-
keylog_crypt
false
-
keylog_file
logs.dat
-
keylog_flag
false
-
keylog_folder
remcos
-
keylog_path
%AppData%
-
mouse_option
false
-
mutex
xosftmn-S5J436
-
screenshot_crypt
false
-
screenshot_flag
false
-
screenshot_folder
Screenshots
-
screenshot_path
%AppData%
-
screenshot_time
10
-
startup_value
Remcos
-
take_screenshot_option
false
-
take_screenshot_time
5
-
take_screenshot_title
notepad;solitaire;
Targets
-
-
Target
06a2a3286b0fe016d48634d2b01bb27217249a1ffd92a46e60c174e8cc9f5a99
-
Size
463KB
-
MD5
58f452ecde75e0eed7dceea9bce4b244
-
SHA1
c0aa35f3619c163a28ed0d0cfb0695518b7f4e74
-
SHA256
06a2a3286b0fe016d48634d2b01bb27217249a1ffd92a46e60c174e8cc9f5a99
-
SHA512
85ee6f69120bcf804b63b22e1468da17104e1927859ca30daa72fbc1a15c9238b57c7738f007a99737b727ad62d28801c83e4845d84ee9b3f45371e234c33f4e
-