General
-
Target
df00f112e25af6405916498f807929598b7fc4840885f5ae55814fb7081518a3.exe
-
Size
486KB
-
Sample
240215-gfvxhaah87
-
MD5
595852c92f5da87ceb5cc7167f015a72
-
SHA1
030c0135d242290af5535c8fd7ceebf70b450b68
-
SHA256
df00f112e25af6405916498f807929598b7fc4840885f5ae55814fb7081518a3
-
SHA512
5a87d375ab1534daa3b9f1b451d1ef43203b7c6fd2f1b5b7f1cdcef2eae0687e36e84cd470afb48f1d46af9dd39531596d799beaf025cb600f60486f94818db0
-
SSDEEP
6144:hXIktXfM8Lv86r9uVWAa2je4Z5zl4hgDHQQs4NTQjoHFsAOZZHAX7cNu5GvL:hX7tPMK8ctGe4Dzl4h2QnuPs/ZHicvL
Behavioral task
behavioral1
Sample
df00f112e25af6405916498f807929598b7fc4840885f5ae55814fb7081518a3.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
df00f112e25af6405916498f807929598b7fc4840885f5ae55814fb7081518a3.exe
Resource
win10v2004-20231215-en
Malware Config
Extracted
Family: remcos
Botnet/campaign ID (label inferred; lost in extraction): 23033
C2: 188.116.23.142:23033
-
audio_folder
MicRecords
-
audio_record_time
5
-
connect_delay
0
-
connect_interval
1
-
copy_file
remcos.exe
-
copy_folder
Remcos
-
delete_file
false
-
hide_file
false
-
hide_keylog_file
false
-
install_flag
false
-
keylog_crypt
false
-
keylog_file
0x0053ffdfdd
-
keylog_flag
false
-
keylog_folder
Sysinfo
-
keylog_path
%AppData%
-
mouse_option
false
-
mutex
Rmc-JG5PN4
-
screenshot_crypt
false
-
screenshot_flag
false
-
screenshot_folder
Screenshots
-
screenshot_path
%AppData%
-
screenshot_time
10
-
take_screenshot_option
false
-
take_screenshot_time
5
Targets
-
-
Target
df00f112e25af6405916498f807929598b7fc4840885f5ae55814fb7081518a3.exe
-
Size
486KB
-
MD5
595852c92f5da87ceb5cc7167f015a72
-
SHA1
030c0135d242290af5535c8fd7ceebf70b450b68
-
SHA256
df00f112e25af6405916498f807929598b7fc4840885f5ae55814fb7081518a3
-
SHA512
5a87d375ab1534daa3b9f1b451d1ef43203b7c6fd2f1b5b7f1cdcef2eae0687e36e84cd470afb48f1d46af9dd39531596d799beaf025cb600f60486f94818db0
-
SSDEEP
6144:hXIktXfM8Lv86r9uVWAa2je4Z5zl4hgDHQQs4NTQjoHFsAOZZHAX7cNu5GvL:hX7tPMK8ctGe4Dzl4h2QnuPs/ZHicvL
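Score
1/10 (value as shown on this page; the Malware Config section above still lists an extracted remcos configuration with a C2 address, so this figure alone should not be read as a benign verdict)
-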