remcos | a2aa95d8c241a4c2966be701f6e92aea | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a2aa95d8c241a4c2966be701f6e92aea
Size

373KB
MD5

a2aa95d8c241a4c2966be701f6e92aea
SHA1

5a6acaf6e152dadec34b4baabe8bf9329fff1da9
SHA256

a97f1a1a525619aa6720908abc0451f3f4acccd25b7807b7c85f65b1324a36cc
SHA512

2034131db44fe7a8bb8dbc8d85c973c81713c39359dab1ed7b291dc270bae14c24701935e14ea2f6600ed84deb0fd5bb674f56a537dddc7c3cfc71822958d31f
SSDEEP

6144:ndg5n5DJJL7XJAnY7yo0nqsJ445mgy+sk8VAX8dN4pq:AnnJHX+nO8hJB5mKD8Z5

Score

10^/10

remcos

Malware Config

Signatures

Remcos family
remcos

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a2aa95d8c241a4c2966be701f6e92aea

Files

a2aa95d8c241a4c2966be701f6e92aea
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 362KB - Virtual size: 361KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.xud
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vonz
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ