remcos | 10530000[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

10530000.exe
Size

96KB
MD5

c95b1bc7df63569a54fb5f857e0caa6a
SHA1

c961b4bd595fb403f9aef10518eebe2190493e70
SHA256

13cba42920faf2a3c141eac4951437ee6ffa3c9b9eff85befdd8b6259f0a06d2
SHA512

c9a71bd920a341d7c8c9470b778ae3cbcffab8dd1f4491807d196b317a6208e88e125401c1b1ce7c462ae68c980b5f48c9532978895ebc6003a4b28d5e093464
SSDEEP

3072:vghzYTGWVvJ8f2v1TbPzuMsIFSHNThy+JP/P6Er:vghzOv2fM13jsIFSHNT7P/P6Q

Score

10^/10

remcos

Malware Config

Signatures

Remcos family
remcos

Files

10530000.exe
.exe windows x86

bd51a645a9c68bd03b2e51586e5cbdcb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetProcAddress
LoadLibraryA

Sections

.text
Size: 95KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE