Overview

overview

10

Static

static

10

3944-190-0...ry.exe

windows7-x64

10

3944-190-0...ry.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    31s
  • max time network
    33s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    07-06-2023 14:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3944-190-0x0000000010590000-0x0000000010613000-memory.exe

  • Size

    524KB

  • MD5

    02348119fe38d05a1d8b351bf5ff4eff

  • SHA1

    10bbd8e716c925d018f176cb70b17c90128fe73f

  • SHA256

    e678a3d8be0cf692b30c2ff5f5bb05a4be8116ddbdc67e0ecd20dd5a409aec02

  • SHA512

    ee4e24559c6e34fe287a871cb6c516fe6bfdcdfeb6f5e9cd178a15bde7d9bc82177fc252669d9cadf59044acf2c9b8fa98a80381951e79006937d5a36d134f41

  • SSDEEP

    12288:FX8/Vx65HCnDAByqulR1fZJQGs/Z8oRq:K/Vc5HCnDABMfZJQNZ3

Score
10/10
remcosrat

Malware Config

Signatures

  • Remcos

    Remcos is a closed-source remote control and surveillance software.

    ratremcos

Processes

  • C:\Users\Admin\AppData\Local\Temp\3944-190-0x0000000010590000-0x0000000010613000-memory.exe
    "C:\Users\Admin\AppData\Local\Temp\3944-190-0x0000000010590000-0x0000000010613000-memory.exe"
    1⤵
      PID:1772

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1772-54-0x0000000000580000-0x0000000000603000-memory.dmp
      Filesize

      524KB

      Download