rms | b2fd919e2acd61601c3341179a20ce1d0c2074e8907692dc83d55ba6c6b3eb3a | Triage

Sharing

General

Target

reg1.reg
Size

12KB
Sample

230915-qallbaef73
MD5

4dc0fba4595ad8fe1f010f9079f59dd3
SHA1

b3a54e99afc124c64978d48afca2544d75e69da5
SHA256

b2fd919e2acd61601c3341179a20ce1d0c2074e8907692dc83d55ba6c6b3eb3a
SHA512

fb0855ad6a33a3efc44453f2a5624e0fc87818bf10d13a87d168be3e9c69b7c8dffb39a34193ab134f42b0af527566e74bada71742c09f90ffd60334ba5143b8
SSDEEP

192:PX7frQHvJDzF/aQBeDUnQbwCUuq+36X69XOwBmimxNl7RO8HZHkhdxNw+oc0:PrfrYh9iynQbwCUnKdmimxNXN5Ehdxh0

Score

10^/10

rms evasion rat trojan

Malware Config

Targets

- Target
  
  reg1.reg
- Size
  
  12KB
- MD5
  
  4dc0fba4595ad8fe1f010f9079f59dd3
- SHA1
  
  b3a54e99afc124c64978d48afca2544d75e69da5
- SHA256
  
  b2fd919e2acd61601c3341179a20ce1d0c2074e8907692dc83d55ba6c6b3eb3a
- SHA512
  
  fb0855ad6a33a3efc44453f2a5624e0fc87818bf10d13a87d168be3e9c69b7c8dffb39a34193ab134f42b0af527566e74bada71742c09f90ffd60334ba5143b8
- SSDEEP
  
  192:PX7frQHvJDzF/aQBeDUnQbwCUuq+36X69XOwBmimxNl7RO8HZHkhdxNw+oc0:PrfrYh9iynQbwCUnKdmimxNXN5Ehdxh0
Score

10^/10

rms evasion rat trojan
- RMS
  Remote Manipulator System (RMS) is a remote access tool developed by Russian organization TektonIT.
  trojan rat rms
- Windows security bypass
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

rmsevasionrattrojan

behavioral2

rmsevasionrattrojan