remcos | aba9252616b81ea6126cdf181e8d1a44[.]exe | Triage

Sharing

General

Target

aba9252616b81ea6126cdf181e8d1a44.exe
Size

420KB
MD5

aba9252616b81ea6126cdf181e8d1a44
SHA1

2ad3d2ef5740ebde0cf9cad30ffe558350cc7400
SHA256

8de83647927095b566f43bafd6d502ab29e0529bbae477bbe7b967e7d6f3ea96
SHA512

87a517d6987bb816a9787572a6d2dd9bf75e92e59c904dcdce79a3efb82d4cad8283cf191d12aebae677231ed897921f4ca3ea024f8197174008421716b02717
SSDEEP

6144:x9g5p/aJJL7XJAnY7jioSgBK0Ru115xTcYeEknZJJAVAe3:xgUJHX+nOjhBq1j2AWE

Score

10^/10

remcos

Malware Config

Signatures

Remcos family
remcos

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aba9252616b81ea6126cdf181e8d1a44.exe

Files

aba9252616b81ea6126cdf181e8d1a44.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 417KB - Virtual size: 416KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ