rms | 1dd15c830c0a159b53ed21b8c2ce1b7e8093256368d7b96c1347c6851ee6c4f6 | Triage

Submit
Reports

Overview

overview

Static

static

7

2281cfa065...60.exe

windows7-x64

2281cfa065...60.exe

windows10-2004-x64

Sharing

General

Target

2281cfa06555c834f41ae29b60482760
Size

11.3MB
Sample

231231-behb5addf7
MD5

2281cfa06555c834f41ae29b60482760
SHA1

0988b8b86f902650fc04d617237b0c7a37cdd64b
SHA256

1dd15c830c0a159b53ed21b8c2ce1b7e8093256368d7b96c1347c6851ee6c4f6
SHA512

994472d9dd212815cdaf943fb2a91c9552135fd49392dba8a8edc47541e3b326c90a67c3c780fe53053dca00b283a00d9f4841b003de50cffb3658801929bf05
SSDEEP

196608:3lM3veyksnD71qRmWBBtH6jh7AmmQhXzzvbFrYQWEXxIYJaw+PGfK07wFGZHEqo8:3GNksD9oXH6jh0mmQhjrb9YOxZJ2GfKW

Score

10^/10

rms rat trojan upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

2281cfa06555c834f41ae29b60482760.exe

Resource

win7-20231215-en

rms rat trojan upx

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

2281cfa06555c834f41ae29b60482760.exe

Resource

win10v2004-20231215-en

rms rat trojan upx

windows10-2004-x64

15 signatures

150 seconds

Malware Config

Targets

- Target
  
  2281cfa06555c834f41ae29b60482760
- Size
  
  11.3MB
- MD5
  
  2281cfa06555c834f41ae29b60482760
- SHA1
  
  0988b8b86f902650fc04d617237b0c7a37cdd64b
- SHA256
  
  1dd15c830c0a159b53ed21b8c2ce1b7e8093256368d7b96c1347c6851ee6c4f6
- SHA512
  
  994472d9dd212815cdaf943fb2a91c9552135fd49392dba8a8edc47541e3b326c90a67c3c780fe53053dca00b283a00d9f4841b003de50cffb3658801929bf05
- SSDEEP
  
  196608:3lM3veyksnD71qRmWBBtH6jh7AmmQhXzzvbFrYQWEXxIYJaw+PGfK07wFGZHEqo8:3GNksD9oXH6jh0mmQhjrb9YOxZJ2GfKW
Score

10^/10

rms rat trojan upx
- RMS
  Remote Manipulator System (RMS) is a remote access tool developed by Russian organization TektonIT.
  trojan rat rms
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

rmsrattrojanupx

behavioral2

rmsrattrojanupx

© 2018-2024

Terms | Privacy