General
Target: 544-71-0x0000000000400000-0x0000000000421000-memory.dmp
Size: 132KB
Sample: 230123-knq53aeb9s
MD5: 851c8dae5e8af0230caa65cc2fd0c9e2
SHA1: 60ad694ae22ee9388804219412f84c96395350c2
SHA256: 88891701bd3e995629e94b12df5251cfc7bb6cc6a3a1283ce91ce9c910460b54
SHA512: d918b23f7d2bf65965bb3e8cad4bf07cad22ff7229806943de1078545118ec49acd2aa207e3d008ab6674822a6eb5c25465a100350c456245121ee0414702482
SSDEEP: 3072:S4XgM0gTUJNFbnOabI/JZ7k0qvo7wvdbnrlSl26FabmrzqhE5A:NXgMtwNFbOabI/qxlSl26FaKrzqhE
Behavioral task: behavioral1
Sample: 544-71-0x0000000000400000-0x0000000000421000-memory.exe
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: 544-71-0x0000000000400000-0x0000000000421000-memory.exe
Resource: win10v2004-20220812-en
Malware Config
Extracted
remcos
2.7.1 Pro
OGBMANNY
91.231.84.41:52651
127.0.0.1:52651
10.5.175.21:52651
audio_folder: MicRecords
audio_path: %AppData%
audio_record_time: 5
connect_delay: 0
connect_interval: 1
copy_file: remcos.exe
copy_folder: Remcos
delete_file: false
hide_file: false
hide_keylog_file: false
install_flag: false
install_path: %AppData%
keylog_crypt: false
keylog_file: logs.dat
keylog_flag: false
keylog_folder: remcos
keylog_path: %AppData%
mouse_option: false
mutex: Remcos-B15393
screenshot_crypt: false
screenshot_flag: false
screenshot_folder: Screenshots
screenshot_path: %AppData%
screenshot_time: 10
startup_value: Remcos
take_screenshot_option: false
take_screenshot_time: 5
take_screenshot_title: wikipedia;solitaire;
Targets
Target: 544-71-0x0000000000400000-0x0000000000421000-memory.dmp
Score: 3/10