General
-
Target
01fd189da22899dafb2e6e9e9ad9bf83b91ad78145eff7869aeea5d612ad91b6
-
Size
7.0MB
-
Sample
220213-s9h1ksddak
-
MD5
a60b1a688fa18475288d138df20d6eaf
-
SHA1
c5775049ddd61859439d21a75d709dda29c8449d
-
SHA256
01fd189da22899dafb2e6e9e9ad9bf83b91ad78145eff7869aeea5d612ad91b6
-
SHA512
f0f837db33ca1698eb84507bac61d9ce738f9eaf1003b7043be53f70eac6f97f5cf293c29fb6eb5ccd5097da60f57b440a52f3ae86d1d4bd07511d601eac0903
Malware Config
Targets
-
-
Target
01fd189da22899dafb2e6e9e9ad9bf83b91ad78145eff7869aeea5d612ad91b6
-
Size
7.0MB
-
MD5
a60b1a688fa18475288d138df20d6eaf
-
SHA1
c5775049ddd61859439d21a75d709dda29c8449d
-
SHA256
01fd189da22899dafb2e6e9e9ad9bf83b91ad78145eff7869aeea5d612ad91b6
-
SHA512
f0f837db33ca1698eb84507bac61d9ce738f9eaf1003b7043be53f70eac6f97f5cf293c29fb6eb5ccd5097da60f57b440a52f3ae86d1d4bd07511d601eac0903
Score10/10-
RMS
Remote Manipulator System (RMS) is a remote access tool developed by Russian organization TektonIT.
-
UAC bypass
-
Executes dropped EXE
-
Modifies Windows Firewall
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Allows Network login with blank passwords
Allows local user accounts with blank passwords to access device from the network.
-
Loads dropped DLL
-
Checks whether UAC is enabled
-