Analysis
-
max time kernel
150s -
max time network
156s -
platform
windows7_x64 -
resource
win7-20230220-en -
resource tags
arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system -
submitted
05-04-2023 18:13
Behavioral task
behavioral1
Sample
remcos_agent.exe
Resource
win7-20230220-en
windows7-x64
2 signatures
150 seconds
General
-
Target
remcos_agent.exe
-
Size
84KB
-
MD5
2700d6dad0890f9a93d56924eb55166f
-
SHA1
606d59361c8b661efbaaf4f14535a2dea489e239
-
SHA256
5f49450e06c6cb7e59ff48f06ca6ed9ac4829959287a93aeaa85542db1f20bfe
-
SHA512
2397e4202178b11bd67498c3d0526aa67e5f62bab3588cc112bf19f458b3a77d34c49d81d3792da24c36fcf031ae9ff209ca14664ef91f74c4b95561ead7c436
-
SSDEEP
1536:6pNEsaeiQl8TIqytzRJl+uiNuI7FFCPBsZcOzq1T35T/fLeILtVo8V:6pNEaiQl2qouiNdFFCiZcOz+TJ/DeAt
Score
1/10
Malware Config
Signatures
-
Suspicious use of FindShellTrayWindow 1 IoCs
Processes:
remcos_agent.exepid process 936 remcos_agent.exe -
Suspicious use of SendNotifyMessage 1 IoCs
Processes:
remcos_agent.exepid process 936 remcos_agent.exe