General
-
Target
2224-3-0x0000000000400000-0x0000000000882000-memory.dmp
-
Size
4.5MB
-
Sample
231211-srnhcaaecq
-
MD5
3e03d61cc929b3f6ab85f9854118d19d
-
SHA1
79f6aefe3ea8d88908850399b8f41229283efda6
-
SHA256
43f544d8e9ad5365e71810254b659a51effa061ad13b2d0f0f5a66468dc8d0a3
-
SHA512
5e25836b80f25a1a4199184c4cea45487b317f539de3a7d02e97260c84967375acfc7c7e104921a56da9ecc99276274f3c110a2b3b23f597d1c433db5123b0ab
-
SSDEEP
6144:cXIktXfM8Lv86r9uVWAa2je4Z5zl4hgDHQQs4NTQjoHwsAOZZsAX4cDjr5Gvaz:cX7tPMK8ctGe4Dzl4h2QnuOs/Zsscv
Malware Config
Extracted
remcos
december
91.92.243.110:3734
-
audio_folder
MicRecords
-
audio_record_time
5
-
connect_delay
0
-
connect_interval
1
-
copy_file
remcos.exe
-
copy_folder
Remcos
-
delete_file
false
-
hide_file
false
-
hide_keylog_file
false
-
install_flag
false
-
keylog_crypt
false
-
keylog_file
logs.dat
-
keylog_flag
false
-
keylog_folder
remcos
-
mouse_option
false
-
mutex
Rmc-QGHS48
-
screenshot_crypt
false
-
screenshot_flag
false
-
screenshot_folder
Screenshots
-
screenshot_path
%AppData%
-
screenshot_time
10
-
take_screenshot_option
false
-
take_screenshot_time
5
Targets
-
-
Target
2224-3-0x0000000000400000-0x0000000000882000-memory.dmp
-
Size
4.5MB
-
MD5
3e03d61cc929b3f6ab85f9854118d19d
-
SHA1
79f6aefe3ea8d88908850399b8f41229283efda6
-
SHA256
43f544d8e9ad5365e71810254b659a51effa061ad13b2d0f0f5a66468dc8d0a3
-
SHA512
5e25836b80f25a1a4199184c4cea45487b317f539de3a7d02e97260c84967375acfc7c7e104921a56da9ecc99276274f3c110a2b3b23f597d1c433db5123b0ab
-
SSDEEP
6144:cXIktXfM8Lv86r9uVWAa2je4Z5zl4hgDHQQs4NTQjoHwsAOZZsAX4cDjr5Gvaz:cX7tPMK8ctGe4Dzl4h2QnuOs/Zsscv
Score1/10 -