General
-
Target
25567135ec1b3375d957d61f20e39b7a442b5a87f3f3591f67d47a1441455585
-
Size
3.6MB
-
Sample
221022-lqfmsacdaq
-
MD5
21ae834bdd5b89bacacca4d51cf82148
-
SHA1
601d1d2751a2af976556b6cfa84201b76003cff5
-
SHA256
25567135ec1b3375d957d61f20e39b7a442b5a87f3f3591f67d47a1441455585
-
SHA512
1e29739482431972865a2ceac2404cccea7c5bc5d1257dcfefcd9e9d2a16820bad8dad79d0c88192170c83a84fea8e0900bc38764b313dbb66d4f4aefd5ccde8
-
SSDEEP
98304:c4cVYH4QXqDLusX30tPoOvE7CcJaDcUkXaluXvdPzJ:oWH4LXeRoZ7CcPUQXvdPzJ
Malware Config
Targets
-
-
Target
25567135ec1b3375d957d61f20e39b7a442b5a87f3f3591f67d47a1441455585
-
Size
3.6MB
-
MD5
21ae834bdd5b89bacacca4d51cf82148
-
SHA1
601d1d2751a2af976556b6cfa84201b76003cff5
-
SHA256
25567135ec1b3375d957d61f20e39b7a442b5a87f3f3591f67d47a1441455585
-
SHA512
1e29739482431972865a2ceac2404cccea7c5bc5d1257dcfefcd9e9d2a16820bad8dad79d0c88192170c83a84fea8e0900bc38764b313dbb66d4f4aefd5ccde8
-
SSDEEP
98304:c4cVYH4QXqDLusX30tPoOvE7CcJaDcUkXaluXvdPzJ:oWH4LXeRoZ7CcPUQXvdPzJ
Score10/10-
RMS
Remote Manipulator System (RMS) is a remote access tool developed by Russian organization TektonIT.
-
Executes dropped EXE
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Loads dropped DLL
-
Adds Run key to start application
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-