General
-
Target
1104-68-0x0000000000400000-0x0000000000421000-memory.dmp
-
Size
132KB
-
Sample
220809-gy1wgafhb2
-
MD5
db042e4309bb047838f0daefd213565f
-
SHA1
ee319b6b210944d360a6c27be781797b49bf5171
-
SHA256
79aae6a9902177be5ba3408e2f338fa2d32f6c6fdbdceb42bd89310552df1eaf
-
SHA512
dccbe0eadbda84efdd7a41d56d0092f5e8cae1626b695a9ec79075944f4d0470b2afc7f0cfe224fbb16d1752bc75c7a9c3450d8e169b7e48ab55de6107d739f8
Behavioral task
behavioral1
Sample
1104-68-0x0000000000400000-0x0000000000421000-memory.exe
Resource
win7-20220718-en
Behavioral task
behavioral2
Sample
1104-68-0x0000000000400000-0x0000000000421000-memory.exe
Resource
win10v2004-20220722-en
Malware Config
Extracted
Family
remcos
Version
2.7.1 Pro
Botnet
hulk
C2
lionsguard.ddns.net:5074
-
audio_folder
MicRecords
-
audio_path
%AppData%
-
audio_record_time
5
-
connect_delay
0
-
connect_interval
1
-
copy_file
remcos.exe
-
copy_folder
Remcos
-
delete_file
false
-
hide_file
false
-
hide_keylog_file
false
-
install_flag
false
-
install_path
%AppData%
-
keylog_crypt
false
-
keylog_file
logs.dat
-
keylog_flag
false
-
keylog_folder
remcos
-
keylog_path
%AppData%
-
mouse_option
false
-
mutex
Remcos-OLXHVH
-
screenshot_crypt
false
-
screenshot_flag
false
-
screenshot_folder
Screenshots
-
screenshot_path
%AppData%
-
screenshot_time
10
-
startup_value
Remcos
-
take_screenshot_option
false
-
take_screenshot_time
5
-
take_screenshot_title
wikipedia;solitaire;
Targets
-
-
Target
1104-68-0x0000000000400000-0x0000000000421000-memory.dmp
-
Size
132KB
-
MD5
db042e4309bb047838f0daefd213565f
-
SHA1
ee319b6b210944d360a6c27be781797b49bf5171
-
SHA256
79aae6a9902177be5ba3408e2f338fa2d32f6c6fdbdceb42bd89310552df1eaf
-
SHA512
dccbe0eadbda84efdd7a41d56d0092f5e8cae1626b695a9ec79075944f4d0470b2afc7f0cfe224fbb16d1752bc75c7a9c3450d8e169b7e48ab55de6107d739f8
Score
3/10