rms | 3638108532c5691243ca7efdc18878862799c65f13d57e6ae7cde194529ff136 | Triage

Submit
Reports

Overview

overview

Static

static

3638108532...36.exe

windows7_x64

3638108532...36.exe

windows10-2004_x64

Sharing

General

Target

3638108532c5691243ca7efdc18878862799c65f13d57e6ae7cde194529ff136
Size

4.5MB
Sample

220524-rlpmsahegj
MD5

01288102e83268741af6a09dbfa463f7
SHA1

e4758550681d9023243b0dcf2ccd5df45808a76a
SHA256

3638108532c5691243ca7efdc18878862799c65f13d57e6ae7cde194529ff136
SHA512

57b4d5b3fe953b9c409c935bc84d58a2694d064ac3954d4e8110fae32956a8ab6063f31163dc3523cdc467f935f0f54382de81d070cccaf9240ccc684f27cf2b

Score

10^/10

rms aspackv2 evasion rat trojan upx

Static task

static1

Behavioral task

behavioral1

Sample

3638108532c5691243ca7efdc18878862799c65f13d57e6ae7cde194529ff136.exe

Resource

win7-20220414-en

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

3638108532c5691243ca7efdc18878862799c65f13d57e6ae7cde194529ff136.exe

Resource

win10v2004-20220414-en

rms aspackv2 evasion rat trojan upx

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  3638108532c5691243ca7efdc18878862799c65f13d57e6ae7cde194529ff136
- Size
  
  4.5MB
- MD5
  
  01288102e83268741af6a09dbfa463f7
- SHA1
  
  e4758550681d9023243b0dcf2ccd5df45808a76a
- SHA256
  
  3638108532c5691243ca7efdc18878862799c65f13d57e6ae7cde194529ff136
- SHA512
  
  57b4d5b3fe953b9c409c935bc84d58a2694d064ac3954d4e8110fae32956a8ab6063f31163dc3523cdc467f935f0f54382de81d070cccaf9240ccc684f27cf2b
Score

10^/10

rms rat trojan aspackv2 evasion upx
- RMS
  Remote Manipulator System (RMS) is a remote access tool developed by Russian organization TektonIT.
  trojan rat rms
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Executes dropped EXE
- Sets file to hidden
  Modifies file attributes to stop it showing in Explorer etc.
  evasion
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

rmsaspackv2evasionrattrojanupx

© 2018-2025

Terms | Privacy