Overview

overview

10

Static

static

602abb9458...ea.exe

windows7_x64

10

602abb9458...ea.exe

windows10-2004_x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    602abb9458203a57ad198be8071e89625cae1ff76a7181993fa21e40165091ea

  • Size

    4.2MB

  • Sample

    220524-rfpetshcgr

  • MD5

    64f6e818b23a85c112830b2aead35160

  • SHA1

    e96074bcdcb2cb666857ad6d2a7b33288bbedc89

  • SHA256

    602abb9458203a57ad198be8071e89625cae1ff76a7181993fa21e40165091ea

  • SHA512

    8486c6fd582b8e6c84add60dc32830401d082c6210ad790c77e5c725bab3e890cfe968bb445c0780b949f1c0172fc59fd07f2a850bb753bb6f3b4a13fd1fc845

Score
10/10
rmsrattrojan

Malware Config

Targets

    • Target

      602abb9458203a57ad198be8071e89625cae1ff76a7181993fa21e40165091ea

    • Size

      4.2MB

    • MD5

      64f6e818b23a85c112830b2aead35160

    • SHA1

      e96074bcdcb2cb666857ad6d2a7b33288bbedc89

    • SHA256

      602abb9458203a57ad198be8071e89625cae1ff76a7181993fa21e40165091ea

    • SHA512

      8486c6fd582b8e6c84add60dc32830401d082c6210ad790c77e5c725bab3e890cfe968bb445c0780b949f1c0172fc59fd07f2a850bb753bb6f3b4a13fd1fc845

    Score
    10/10
    rmsrattrojan

    • RMS

      Remote Manipulator System (RMS) is a remote access tool developed by Russian organization TektonIT.

      trojanratrms

    • Executes dropped EXE

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks