Overview

overview

10

Static

static

1

2e32092eee...01.exe

windows7-x64

10

2e32092eee...01.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2e32092eeea3620932716d3b6d5fb1e2b9dfaf28185700d7b8372cbd341ee101

  • Size

    4.2MB

  • Sample

    221028-2dpmxshhc4

  • MD5

    789c0afd62c09b0bf2cef650b9f68bd8

  • SHA1

    f1731af4afbd8f90f48e6e2fb5249967ac7a7e07

  • SHA256

    2e32092eeea3620932716d3b6d5fb1e2b9dfaf28185700d7b8372cbd341ee101

  • SHA512

    82632743b6d3e85916d7131bae73e538be91dd909070ae2c17ffd9135d0ad0568585a560e733a771b04d9754cf5d836ae1061fbe20c7b5a58e6b904940c30719

  • SSDEEP

    98304:qNio6GYhlGYi2gK6RqqNUHw4uIolk/3QIDpGYXV4cVYK:Mi5hjGagTR34ilkPQ2AYXnWK

Score
10/10
rmsrattrojan

Malware Config

Targets

    • Target

      2e32092eeea3620932716d3b6d5fb1e2b9dfaf28185700d7b8372cbd341ee101

    • Size

      4.2MB

    • MD5

      789c0afd62c09b0bf2cef650b9f68bd8

    • SHA1

      f1731af4afbd8f90f48e6e2fb5249967ac7a7e07

    • SHA256

      2e32092eeea3620932716d3b6d5fb1e2b9dfaf28185700d7b8372cbd341ee101

    • SHA512

      82632743b6d3e85916d7131bae73e538be91dd909070ae2c17ffd9135d0ad0568585a560e733a771b04d9754cf5d836ae1061fbe20c7b5a58e6b904940c30719

    • SSDEEP

      98304:qNio6GYhlGYi2gK6RqqNUHw4uIolk/3QIDpGYXV4cVYK:Mi5hjGagTR34ilkPQ2AYXnWK

    Score
    10/10
    rmsrattrojan

    • RMS

      Remote Manipulator System (RMS) is a remote access tool developed by Russian organization TektonIT.

      trojanratrms
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks