Analysis
-
max time kernel
150s -
max time network
156s -
platform
windows7_x64 -
resource
win7-20230220-en -
resource tags
-
submitted
05-04-2023 18:13
General
-
Target
remcos_agent.exe
-
Size
84KB
-
MD5
2700d6dad0890f9a93d56924eb55166f
-
SHA1
606d59361c8b661efbaaf4f14535a2dea489e239
-
SHA256
5f49450e06c6cb7e59ff48f06ca6ed9ac4829959287a93aeaa85542db1f20bfe
-
SHA512
2397e4202178b11bd67498c3d0526aa67e5f62bab3588cc112bf19f458b3a77d34c49d81d3792da24c36fcf031ae9ff209ca14664ef91f74c4b95561ead7c436
-
SSDEEP
1536:6pNEsaeiQl8TIqytzRJl+uiNuI7FFCPBsZcOzq1T35T/fLeILtVo8V:6pNEaiQl2qouiNdFFCiZcOz+TJ/DeAt
Score
1/10
Malware Config
Signatures
-
Suspicious use of FindShellTrayWindow 1 IoCs
-
Suspicious use of SendNotifyMessage 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\remcos_agent.exe"C:\Users\Admin\AppData\Local\Temp\remcos_agent.exe"1⤵
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage