General
-
Target
288-71-0x0000000000400000-0x0000000000421000-memory.dmp
-
Size
132KB
-
Sample
230123-ka7kwseb4t
-
MD5
f17f516ba4664092d5bb726099b48c9d
-
SHA1
f0aa961536a488f606ca02f0e063b45f7fe16ad4
-
SHA256
86c533e201bb3436469c5a40546c8bba3fa13ea865def87c33f7e302db5f33a0
-
SHA512
c9650ffa79df00b2a8778f760c8f916c497a3cbbac46b59d5737765871f951bd2ef2615816c7230e34dd8ce9692340787d3156d98c159e9257a9e447df5be25c
-
SSDEEP
3072:S4XgM0gTUJNFbnOabI/JZ7k0qvo7wvdbnrlSl26FabmrzqhE:NXgMtwNFbOabI/qxlSl26FaKrzqhE
Behavioral task
behavioral1
Sample
288-71-0x0000000000400000-0x0000000000421000-memory.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
288-71-0x0000000000400000-0x0000000000421000-memory.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
remcos
2.7.1 Pro
MIMIBOY
91.231.84.41:52651
127.0.0.1:52651
10.5.175.21:52651
-
audio_folder
MicRecords
-
audio_path
%AppData%
-
audio_record_time
5
-
connect_delay
0
-
connect_interval
1
-
copy_file
remcos.exe
-
copy_folder
Remcos
-
delete_file
false
-
hide_file
false
-
hide_keylog_file
false
-
install_flag
false
-
install_path
%AppData%
-
keylog_crypt
false
-
keylog_file
logs.dat
-
keylog_flag
false
-
keylog_folder
remcos
-
keylog_path
%AppData%
-
mouse_option
false
-
mutex
Remcos-SURYWD
-
screenshot_crypt
false
-
screenshot_flag
false
-
screenshot_folder
Screenshots
-
screenshot_path
%AppData%
-
screenshot_time
10
-
startup_value
Remcos
-
take_screenshot_option
false
-
take_screenshot_time
5
-
take_screenshot_title
wikipedia;solitaire;
Targets
-
-
Target
288-71-0x0000000000400000-0x0000000000421000-memory.dmp
Score
3/10