General
-
Target
1868-59-0x0000000000B70000-0x0000000001296000-memory.dmp
-
Size
7.1MB
-
Sample
220525-keltzsdcar
-
MD5
2c77aef331dc14fec4cea6e202fa4679
-
SHA1
176d75f18529548f3cacc7c4b3a799c74469f249
-
SHA256
567294bca36108f406d6a6b44dbee9c5dc9ba737de86fee45d67b8453bff7d41
-
SHA512
62cf37802bf8feb9fa46370ceef8323f41184ff9618cdaf7511b95c0fef36598d0b170571a9dfc53e7438c220618a0732c97fa194f47a36ce8cf75cf10390051
Behavioral task
behavioral1
Sample
1868-59-0x0000000000B70000-0x0000000001296000-memory.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
1868-59-0x0000000000B70000-0x0000000001296000-memory.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
Family
remcos
-
Botnet
RH1
-
C2
185.29.9.125:2404
-
audio_folder
MicRecords
-
audio_path
%AppData%
-
audio_record_time
5
-
connect_delay
0
-
connect_interval
1
-
copy_file
itunes.exe
-
copy_folder
RMS
-
delete_file
true
-
hide_file
false
-
hide_keylog_file
false
-
install_flag
true
-
install_path
%AppData%
-
keylog_crypt
false
-
keylog_file
logs.dat
-
keylog_flag
false
-
keylog_folder
remcos
-
keylog_path
%AppData%
-
mouse_option
false
-
mutex
Jd1985-XODZWD
-
screenshot_crypt
false
-
screenshot_flag
false
-
screenshot_folder
Screenshots
-
screenshot_path
%AppData%
-
screenshot_time
10
-
startup_value
Rms
-
take_screenshot_option
false
-
take_screenshot_time
5
-
take_screenshot_title
notepad;solitaire;
Targets
-
-
Target
1868-59-0x0000000000B70000-0x0000000001296000-memory.dmp
-
Size
7.1MB
-
MD5
2c77aef331dc14fec4cea6e202fa4679
-
SHA1
176d75f18529548f3cacc7c4b3a799c74469f249
-
SHA256
567294bca36108f406d6a6b44dbee9c5dc9ba737de86fee45d67b8453bff7d41
-
SHA512
62cf37802bf8feb9fa46370ceef8323f41184ff9618cdaf7511b95c0fef36598d0b170571a9dfc53e7438c220618a0732c97fa194f47a36ce8cf75cf10390051
Score
1/10