General
-
Target
2692-35-0x0000000000400000-0x0000000000417000-memory.dmp
-
Size
92KB
-
Sample
240205-kmeqmsbhc4
-
MD5
9621239941bd340422a3f6c361247c4c
-
SHA1
f7d0cfddcbdaab6310f5f5c3e11935f8d9cd1119
-
SHA256
06f9f89dcf61876df776ad8c9de008f2647c87dd725812c36942962cfc703ab5
-
SHA512
24bdf0bdc2ff3e682a91415eb49080a473a5995c3ea777ce60f790aa0c70c47740455a4389a250037794462739eb5308cd81c35ff315a9dd20363c5357e456d6
-
SSDEEP
1536:ohhW0YTGZWdVseJxaM9kraLdV2QkQ1TbPX8IHOCkIsI4ESZkNTh9E+JP19qkPIXO:uhzYTGWVvJ8f2v1TbPzuMsIFSZkNThy6
Malware Config
Extracted
remcos
1.7 Pro
gg
62.102.148.185:9771
-
audio_folder
audio
-
audio_path
%AppData%
-
audio_record_time
5
-
connect_delay
0
-
connect_interval
5
-
copy_file
remcos.exe
-
copy_folder
remcos
-
delete_file
false
-
hide_file
false
-
hide_keylog_file
false
-
install_flag
false
-
install_path
%AppData%
-
keylog_crypt
false
-
keylog_file
logs.dat
-
keylog_flag
false
-
keylog_folder
newstart
-
keylog_path
%AppData%
-
mouse_option
false
-
mutex
remcos_wgwfvnfssp
-
screenshot_crypt
false
-
screenshot_flag
false
-
screenshot_folder
Screens
-
screenshot_path
%AppData%
-
screenshot_time
1
-
startup_value
remcos
-
take_screenshot_option
false
-
take_screenshot_time
5
Targets
-
-
Target
2692-35-0x0000000000400000-0x0000000000417000-memory.dmp
-
Size
92KB
-
MD5
9621239941bd340422a3f6c361247c4c
-
SHA1
f7d0cfddcbdaab6310f5f5c3e11935f8d9cd1119
-
SHA256
06f9f89dcf61876df776ad8c9de008f2647c87dd725812c36942962cfc703ab5
-
SHA512
24bdf0bdc2ff3e682a91415eb49080a473a5995c3ea777ce60f790aa0c70c47740455a4389a250037794462739eb5308cd81c35ff315a9dd20363c5357e456d6
-
SSDEEP
1536:ohhW0YTGZWdVseJxaM9kraLdV2QkQ1TbPX8IHOCkIsI4ESZkNTh9E+JP19qkPIXO:uhzYTGWVvJ8f2v1TbPzuMsIFSZkNThy6
Score1/10 -