General
-
Target
360ForCrypt.exe
-
Size
14.4MB
-
Sample
231128-pze96aaa31
-
MD5
bc6102c60e900aa619eec272180612fc
-
SHA1
de06df6b9a7493615483a7ce1b24d8800f079b9c
-
SHA256
7e44c32e635fb9a1d0c1c7b42b5be5fcf8bd3edb65985bd00872d777da0d1e5e
-
SHA512
ce8d67f0cfca1df7fe3e593c2da11c3d8d9f86e47bab9388a4d9a9f68144ffd56e3d9cb7bb797201ff8e6562ea1eedb2f6fc3c380dad7cc2535cfac6f2aed8ea
-
SSDEEP
393216:UjLyzeJDb3WqJCu2dwTPBK+l2Dxkigud5Ssb:UjLy6IKsCTPB/l22uvSM
Behavioral task
behavioral1
Sample
360ForCrypt.exe
Resource
win7-20231025-en
Behavioral task
behavioral2
Sample
360ForCrypt.exe
Resource
win10v2004-20231127-en
Malware Config
Extracted
remcos
Crypted
-
audio_folder
MicRecords
-
audio_record_time
5
-
connect_delay
0
-
connect_interval
1
-
copy_file
remcos.exe
-
copy_folder
Remcos
-
delete_file
false
-
hide_file
false
-
hide_keylog_file
true
-
install_flag
false
-
keylog_crypt
false
-
keylog_file
esotss.dat
-
keylog_flag
false
-
keylog_path
%AppData%
-
mouse_option
false
-
mutex
wsaortist-MIF9KD
-
screenshot_crypt
false
-
screenshot_flag
false
-
screenshot_folder
Screenshots
-
screenshot_path
%AppData%
-
screenshot_time
10
-
startup_value
-
take_screenshot_option
false
-
take_screenshot_time
5
Targets
-
Target
360ForCrypt.exe
-
Size
14.4MB
-
Score
1/10