General
Target: text5.zip
Size: 258KB
Sample: 231212-tj5x4aheh7
MD5: 415028e8f9e2363db1c4db0c93551e94
SHA1: 56a2b8a86ffdbaced2a948f5d616d2d3cafc0b5a
SHA256: dfe9af457bdd92ee844a8ea313f6c04d10f6d53c62fa42f395b3da803fa0ca9b
SHA512: f0390672da5626280f8ea0223a45b30e4a31021725a3d36f312b42bf428c5435cb440eaaa65badfffdd5d0d41c74214dc91ee44494ab548fa95006ef794df429
SSDEEP: 6144:TNIPAZFpuuBBv4y762HTsbchFVxD6dEEyuB/kEh5l5ECrs30+A:REAZF9LvVu2zAcHVxDZyBsE5lIkn
Behavioral task: behavioral1
Sample: text5.exe
Resource: win7-20231025-en
Behavioral task: behavioral2
Sample: text5.exe
Resource: win10v2004-20231127-en
Malware Config
Extracted
remcos
RemoteHost
rdm.accesscam.org:8080
audio_folder: MicRecords
audio_record_time: 5
connect_delay: 0
connect_interval: 1
copy_file: remcos.exe
copy_folder: Remcos
delete_file: false
hide_file: false
hide_keylog_file: false
install_flag: false
keylog_crypt: false
keylog_file: logs.dat
keylog_flag: false
keylog_folder: remcos
mouse_option: false
mutex: Rmc-2OASEE
screenshot_crypt: false
screenshot_flag: false
screenshot_folder: Screenshots
screenshot_path: %AppData%
screenshot_time: 10
take_screenshot_option: false
take_screenshot_time: 5
Targets
Target: text5.exe
Size: 483KB
MD5: d1730eb57f42aa499a0f39f4564d0d5c
SHA1: d48d38c4bdf637cf044c4cde6dfd983c4e1bdbc9
SHA256: 30c8023ef8f090852820c238cd3195c695ed12fbb638d352708f337556dc341f
SHA512: fd5471d0aac7d6aa5addb83c3a1c42bf7dc4d0c32dbc0c22e28aff411b124dede19323eb723d1c3d8376ce9da41c5b4eac523d5217a979b3e3c6c4d186398911
SSDEEP: 6144:C/7iPrcL3ArwhBq7Kjsn9iHGXg0lwGS9MNNhdFvPxps9gsAOZZuAXec7Z7ov:C/uPq3AfK496Gw0lwGXN3pvs/Zu08v
Score: 1/10