General
-
Target
1228-84-0x0000000000400000-0x000000000047F000-memory.dmp
-
Size
508KB
-
Sample
220906-ntewrscbh8
-
MD5
3f0c07dcbeb009cf9c1b2d516f8c3246
-
SHA1
050de5225d100b19e01a1bf740783ae5974afaff
-
SHA256
7f01cb53ab9139746e3f1feb90b5445753520f738bba5a7bc5b8b1982a1bf646
-
SHA512
4e26299e97c6644a38afbff27bfecd3b080d2116db6bf1e12cf9cd0ce8662ab6ab22c5a08e42260768cc333c4c79f6cf2f845199ca8612187323a02bff750be8
-
SSDEEP
6144:uAg4RVDZlHx5k7iLZnaSguI2IiRL/SISjw8nHWh1R2K3g9ZsAOZZQmXxlcK:umnk7iLJbpIpiRL6I2WhSKQ9ZsfZQS
Malware Config
Extracted
remcos
PeterObi2023
76.8.53.133:1198
-
audio_folder
MicRecords
-
audio_record_time
5
-
connect_delay
0
-
connect_interval
1
-
copy_file
sdfge.exe
-
delete_file
false
-
hide_file
true
-
hide_keylog_file
false
-
install_flag
true
-
install_path
%AppData%
-
keylog_crypt
false
-
keylog_file
fghoiuytr.dat
-
keylog_flag
false
-
mouse_option
false
-
mutex
fghjcvbn-UURPOS
-
screenshot_crypt
false
-
screenshot_flag
false
-
screenshot_folder
Screenshots
-
screenshot_path
%AppData%
-
screenshot_time
10
-
startup_value
dfghrtyu
-
take_screenshot_option
false
-
take_screenshot_time
5
Targets
-
-
Target
1228-84-0x0000000000400000-0x000000000047F000-memory.dmp
-
Size
508KB
-
MD5
3f0c07dcbeb009cf9c1b2d516f8c3246
-
SHA1
050de5225d100b19e01a1bf740783ae5974afaff
-
SHA256
7f01cb53ab9139746e3f1feb90b5445753520f738bba5a7bc5b8b1982a1bf646
-
SHA512
4e26299e97c6644a38afbff27bfecd3b080d2116db6bf1e12cf9cd0ce8662ab6ab22c5a08e42260768cc333c4c79f6cf2f845199ca8612187323a02bff750be8
-
SSDEEP
6144:uAg4RVDZlHx5k7iLZnaSguI2IiRL/SISjw8nHWh1R2K3g9ZsAOZZQmXxlcK:umnk7iLJbpIpiRL6I2WhSKQ9ZsfZQS
Score1/10 -