remcos | f9757e655b46d179dfadee752d8d147d1ef2add907a8712755dffc158667b1e4 | Triage

Submit
Reports

Overview

overview

Static

static

bOsb.exe

windows7-x64

bOsb.exe

windows10-2004-x64

Sharing

General

Target

bOsb.exe
Size

232KB
Sample

230717-k3wdbsbf9w
MD5

5d571d0af301aea2a2f2df9ac80aa3b0
SHA1

8624c280514a5d01551e54e2a635022a076cf73d
SHA256

f9757e655b46d179dfadee752d8d147d1ef2add907a8712755dffc158667b1e4
SHA512

db1c787048126c4f0d0b528af85d65c1e024db38ba8ae94658f906e4d48531bdf42cc92e6bce793815b22831bd45a5b93097e08766e31db4be0c3ce3428bc2a2
SSDEEP

6144:4vGSN9gWuLpcBKnVBYAsmrzpyDfOXXVYBX:4vbGWulcBKV3uOXO

Score

10^/10

remcos btc rat upx

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

bOsb.exe

Resource

win7-20230712-en

remcos btc rat upx

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

bOsb.exe

Resource

win10v2004-20230703-en

remcos btc rat upx

windows10-2004-x64

3 signatures

150 seconds

Malware Config

Extracted

Family

remcos

Botnet

BTC

C2

zoonm.ddns.net:9001

Attributes

audio_folder
MicRecords
audio_record_time
5
connect_delay
0
connect_interval
1
copy_file
vlc.exe
copy_folder
vlc
delete_file
false
hide_file
false
hide_keylog_file
false
install_flag
false
keylog_crypt
true
keylog_file
logs.dat
keylog_flag
false
keylog_folder
remcos
mouse_option
false
mutex
Rmc-6FL95Y
screenshot_crypt
false
screenshot_flag
false
screenshot_folder
Screenshots
screenshot_path
%AppData%
screenshot_time
10
take_screenshot_option
false
take_screenshot_time
5

Targets

- Target
  
  bOsb.exe
- Size
  
  232KB
- MD5
  
  5d571d0af301aea2a2f2df9ac80aa3b0
- SHA1
  
  8624c280514a5d01551e54e2a635022a076cf73d
- SHA256
  
  f9757e655b46d179dfadee752d8d147d1ef2add907a8712755dffc158667b1e4
- SHA512
  
  db1c787048126c4f0d0b528af85d65c1e024db38ba8ae94658f906e4d48531bdf42cc92e6bce793815b22831bd45a5b93097e08766e31db4be0c3ce3428bc2a2
- SSDEEP
  
  6144:4vGSN9gWuLpcBKnVBYAsmrzpyDfOXXVYBX:4vbGWulcBKV3uOXO
Score

10^/10

remcos btc rat upx
- Remcos
  Remcos is a closed-source remote control and surveillance software.
  rat remcos
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

remcosbtcratupx

behavioral2

remcosbtcratupx

© 2018-2024

Terms | Privacy