Overview

overview

10

Static

static

278ea54545...5c.exe

windows7_x64

10

278ea54545...5c.exe

windows10-2004_x64

4

Sharing

Copy URL
Twitter E-mail

General

  • Target

    278ea5454555bd21fb861ed9085c7de78f9d59a2e851b47b1c098081688c595c

  • Size

    6.9MB

  • Sample

    220213-sb14habae8

  • MD5

    cce11037dcc8da69fd317c2a6f023593

  • SHA1

    fbb6ea11adc7c4f9879f1be893e68ed62eb07aa2

  • SHA256

    278ea5454555bd21fb861ed9085c7de78f9d59a2e851b47b1c098081688c595c

  • SHA512

    761df8f0649053281ef105f8dad368cf9ba206fd10588a82b15fcfa7f103fac7210881979b2b553d197cd37586e94ce40dab8febecfb54ea2431c0a74a83d5ca

Score
10/10
rmsrattrojanupx

Malware Config

Targets

    • Target

      278ea5454555bd21fb861ed9085c7de78f9d59a2e851b47b1c098081688c595c

    • Size

      6.9MB

    • MD5

      cce11037dcc8da69fd317c2a6f023593

    • SHA1

      fbb6ea11adc7c4f9879f1be893e68ed62eb07aa2

    • SHA256

      278ea5454555bd21fb861ed9085c7de78f9d59a2e851b47b1c098081688c595c

    • SHA512

      761df8f0649053281ef105f8dad368cf9ba206fd10588a82b15fcfa7f103fac7210881979b2b553d197cd37586e94ce40dab8febecfb54ea2431c0a74a83d5ca

    Score
    10/10
    rmsrattrojanupx

    • RMS

      Remote Manipulator System (RMS) is a remote access tool developed by Russian organization TektonIT.

      trojanratrms

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks