General
-
Target
fb8a4830fce721fa60f12d5796f23024e20e040555bac803d02a584748c0d18e
-
Size
482KB
-
Sample
231003-fg1npsgd2t
-
MD5
28cf79eaaec18a8b6712232c0ca44977
-
SHA1
2d1f06946a46de27c46001efed5f390bd156f019
-
SHA256
fb8a4830fce721fa60f12d5796f23024e20e040555bac803d02a584748c0d18e
-
SHA512
568b1af1d26879d631ff405438412d152e81ad74bce15b2c1d74bbe25f93dd51870520d6f54eb3f2df5c9de96e75b702893d4d69a0c23653655d7edcb945a62d
-
SSDEEP
6144:Y/7iPrcL3ArwhBq7Kjsn9iHGXg0lwGS9MNNhdFvPxps9gsAOZZuAXec7T7ov:Y/uPq3AfK496Gw0lwGXN3pvs/ZuC8v
Behavioral task
behavioral1
Sample
fb8a4830fce721fa60f12d5796f23024e20e040555bac803d02a584748c0d18e.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
fb8a4830fce721fa60f12d5796f23024e20e040555bac803d02a584748c0d18e.exe
Resource
win10-20230915-en
Malware Config
Extracted
Family
remcos
Botnet
gs
C2
81.19.131.36:2450
-
audio_folder
MicRecords
-
audio_record_time
5
-
connect_delay
0
-
connect_interval
1
-
copy_file
remcos.exe
-
copy_folder
Remcos
-
delete_file
false
-
hide_file
false
-
hide_keylog_file
false
-
install_flag
false
-
keylog_crypt
false
-
keylog_file
logs.dat
-
keylog_flag
false
-
keylog_folder
remcos
-
mouse_option
false
-
mutex
dfsg-ICVBSQ
-
screenshot_crypt
false
-
screenshot_flag
false
-
screenshot_folder
Screenshots
-
screenshot_path
%AppData%
-
screenshot_time
10
-
take_screenshot_option
false
-
take_screenshot_time
5
Targets
-
-
Target
fb8a4830fce721fa60f12d5796f23024e20e040555bac803d02a584748c0d18e
-
Size
482KB
-
MD5
28cf79eaaec18a8b6712232c0ca44977
-
SHA1
2d1f06946a46de27c46001efed5f390bd156f019
-
SHA256
fb8a4830fce721fa60f12d5796f23024e20e040555bac803d02a584748c0d18e
-
SHA512
568b1af1d26879d631ff405438412d152e81ad74bce15b2c1d74bbe25f93dd51870520d6f54eb3f2df5c9de96e75b702893d4d69a0c23653655d7edcb945a62d
-
SSDEEP
6144:Y/7iPrcL3ArwhBq7Kjsn9iHGXg0lwGS9MNNhdFvPxps9gsAOZZuAXec7T7ov:Y/uPq3AfK496Gw0lwGXN3pvs/ZuC8v
Score
1/10