lucastealer | Remcos-RAT-2022-main[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

Remcos-RAT-2022-main.zip
Size

6.2MB
MD5

0f9f51e0ead01237835ff0b282f4a64d
SHA1

e8b17f04903a949e62829e170e304197f0a7aa4c
SHA256

52b49593cbcc54f429acc71458e2c0b1a1a120ba97566ca212a5890bb6f57f60
SHA512

432468d81970396d68f76b43118d8eafc89a7065eccb1f5353de214ec98987938e7cdf8d8a8940e2d19f68825a78f0f20af02d7da708dd4d7f2c6a6ed29a5ba8
SSDEEP

196608:k3uWGcLxB07EwdVWexixm0dSIl9LtEF1XrZPXIX8u6p:PRZdV2cmSacF1NPX0x+

Score

10^/10

upx lucastealer

Malware Config

Signatures

Luca Stealer payload 1 IoCs

Processes:

resource	yara_rule
static1/unpack002/out.upx	family_lucastealer

Lucastealer family
lucastealer

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

Processes:

resource	yara_rule
static1/unpack001/Remcos-RAT-2022-main/Remcos Professional.exe	upx

Files

Remcos-RAT-2022-main.zip
.zip
Remcos-RAT-2022-main/BuilderProfiles/DefaultProfile.ini
Remcos-RAT-2022-main/README.md
Remcos-RAT-2022-main/Remcos Professional.exe
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

UPX0
Size: - Virtual size: 18.8MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 6.5MB - Virtual size: 6.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 19.0MB - Virtual size: 19.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4.6MB - Virtual size: 4.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 150KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Remcos-RAT-2022-main/Remcos_Settings.ini

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 18.8MB

UPX1 Size: 6.5MB - Virtual size: 6.5MB

UPX2 Size: 2KB - Virtual size: 4KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 19.0MB - Virtual size: 19.0MB

.rdata Size: 4.6MB - Virtual size: 4.6MB

.data Size: 150KB - Virtual size: 156KB

.pdata Size: 1.4MB - Virtual size: 1.4MB

.reloc Size: 83KB - Virtual size: 83KB

UPX0
Size: - Virtual size: 18.8MB

UPX1
Size: 6.5MB - Virtual size: 6.5MB

UPX2
Size: 2KB - Virtual size: 4KB

.text
Size: 19.0MB - Virtual size: 19.0MB

.rdata
Size: 4.6MB - Virtual size: 4.6MB

.data
Size: 150KB - Virtual size: 156KB

.pdata
Size: 1.4MB - Virtual size: 1.4MB

.reloc
Size: 83KB - Virtual size: 83KB