General
Target: f85baaa7de06627183143f2d157eb9be.bin
Size: 264KB
Sample: 230817-cjqdzagf2t
MD5: 4604d3090e9729860429f97c99d2a98b
SHA1: 80a5f456e5f8631da887a212f3a0faef1b9de497
SHA256: 5338291eea978894fc1936681ef21614cea318ef63ba31ca7cb49d5d3e521141
SHA512: 18831dd08d481279b9c7d313864caef027abd61ce6bcbde714bd783429994e6ba0ebd68c677108ce0483bdb4b5ed76677ffcaeccc2fcd4939291bc7e97263d77
SSDEEP: 6144:WmlxJA8171BIH+rDM+JI749EkFQVAJiBjYk9lwzuV5RjXXNkekry:WEjxBffMuzEdAEayjXXnkG
Behavioral task: behavioral1
Sample: 3f9772d59aa3dbdb843f8ab898860be5f4170046bc2a0f527e1b33d3c415bd9c.exe
Resource: win7-20230712-en
Behavioral task: behavioral2
Sample: 3f9772d59aa3dbdb843f8ab898860be5f4170046bc2a0f527e1b33d3c415bd9c.exe
Resource: win10v2004-20230703-en
Malware Config
Extracted
remcos
New-31Jul
tttmundo2022.eastus.cloudapp.azure.com:3232
audio_folder: MicRecords
audio_record_time: 5
connect_delay: 0
connect_interval: 1
copy_file: remcos.exe
copy_folder: Remcos
delete_file: false
hide_file: false
hide_keylog_file: false
install_flag: false
keylog_crypt: false
keylog_file: logs.dat
keylog_flag: false
keylog_folder: remcos
mouse_option: false
mutex: Rmc-YZOO6S
screenshot_crypt: false
screenshot_flag: false
screenshot_folder: Screenshots
screenshot_path: %AppData%
screenshot_time: 10
take_screenshot_option: false
take_screenshot_time: 5
Targets
Target: 3f9772d59aa3dbdb843f8ab898860be5f4170046bc2a0f527e1b33d3c415bd9c.exe
Size: 481KB
MD5: f85baaa7de06627183143f2d157eb9be
SHA1: 00d6a8069cba8ecd133a7344138f5c1bcb760170
SHA256: 3f9772d59aa3dbdb843f8ab898860be5f4170046bc2a0f527e1b33d3c415bd9c
SHA512: a2e350e11133ba40c20b8e904e94b393accd2661e138cdb62a01ecfbf14ad681ae56557bc62ab87b68ddb46aabdceefd797b9aefed083a81aacc96fe7d6bbf4f
SSDEEP: 12288:tRXxReZj3WZfj/2eSseWFaIe2+f8CL47bs/ZO2yDU:tx7cyF2eSsewS8W47eZj
Score: 1/10