General
-
Target
oos.exe
-
Size
504KB
-
Sample
221101-ssyppsdhcp
-
MD5
af1e6840f7351cf6ade207de11a9983f
-
SHA1
dbc4f725029b7243c4297f668a1ad3b9dfdecd4d
-
SHA256
e71eba9f1a6afd930acf53b8aac467f256735ec0a52011934d9a5da38555ce61
-
SHA512
b4d4b46a7211f8032f5e8871218445046334024b3dc40b8ac7d0ff056aefe3f46dd0c602e003d3b71024d85a6f5e1004e3b604f8ddb0283e407e352905f7db27
-
SSDEEP
6144:E/Ya3uK4MW5sl80PF2hV/4puXyjSJ5DwFiyycdFXErWlsAOZZgjXAcjgXy6N:E/YaejslPd2f/4njSJJwLZ5sfZgwrN
Malware Config
Extracted
remcos
XP
xpremcuz300622.ddns.net:3542
-
audio_folder
MicRecords
-
audio_record_time
5
-
connect_delay
0
-
connect_interval
1
-
copy_file
oos.exe
-
delete_file
false
-
hide_file
true
-
hide_keylog_file
false
-
install_flag
true
-
install_path
%AppData%
-
keylog_crypt
false
-
keylog_file
logs.dat
-
keylog_flag
false
-
keylog_folder
remcos
-
mouse_option
false
-
mutex
Remcos-MMP2I7
-
screenshot_crypt
false
-
screenshot_flag
false
-
screenshot_folder
Screenshots
-
screenshot_path
%AppData%
-
screenshot_time
10
-
startup_value
kkl
-
take_screenshot_option
false
-
take_screenshot_time
5
Targets
-
-
Target
oos.exe
-
Size
504KB
-
MD5
af1e6840f7351cf6ade207de11a9983f
-
SHA1
dbc4f725029b7243c4297f668a1ad3b9dfdecd4d
-
SHA256
e71eba9f1a6afd930acf53b8aac467f256735ec0a52011934d9a5da38555ce61
-
SHA512
b4d4b46a7211f8032f5e8871218445046334024b3dc40b8ac7d0ff056aefe3f46dd0c602e003d3b71024d85a6f5e1004e3b604f8ddb0283e407e352905f7db27
-
SSDEEP
6144:E/Ya3uK4MW5sl80PF2hV/4puXyjSJ5DwFiyycdFXErWlsAOZZgjXAcjgXy6N:E/YaejslPd2f/4njSJJwLZ5sfZgwrN
Score3/10 -