rms | 59cfae756c39c85f53ad789d87b95e93e7839fb182f2c598c9d75a04a4c0dd62 | Triage

Submit
Reports

Overview

overview

Static

static

3

a058405d1e...bc.exe

windows7-x64

a058405d1e...bc.exe

windows10-2004-x64

Sharing

General

Target

a058405d1e54704810b93f01742063bc
Size

6.0MB
Sample

240216-pajlaaae71
MD5

a058405d1e54704810b93f01742063bc
SHA1

dc9bcb107e6031b7e0f940d559e7e15e5e603517
SHA256

59cfae756c39c85f53ad789d87b95e93e7839fb182f2c598c9d75a04a4c0dd62
SHA512

71dd4c17baf009d6e696428c320cc0244cb953f42b00decc5f8a7972a61cfe2b3a7c6ebd57543a5a705668e5431697084963ed384bb59b1c1d09484c43c75f81
SSDEEP

98304:m20vX70nfFXtejsaxfBM8JStpRvVnjt6fqSp8vE39svDK5ExEA2:paX7u3ejsaVCY0pR9nj0fucsmXA2

Score

10^/10

rms rat trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

a058405d1e54704810b93f01742063bc.exe

Resource

win7-20231215-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

a058405d1e54704810b93f01742063bc.exe

Resource

win10v2004-20231215-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  a058405d1e54704810b93f01742063bc
- Size
  
  6.0MB
- MD5
  
  a058405d1e54704810b93f01742063bc
- SHA1
  
  dc9bcb107e6031b7e0f940d559e7e15e5e603517
- SHA256
  
  59cfae756c39c85f53ad789d87b95e93e7839fb182f2c598c9d75a04a4c0dd62
- SHA512
  
  71dd4c17baf009d6e696428c320cc0244cb953f42b00decc5f8a7972a61cfe2b3a7c6ebd57543a5a705668e5431697084963ed384bb59b1c1d09484c43c75f81
- SSDEEP
  
  98304:m20vX70nfFXtejsaxfBM8JStpRvVnjt6fqSp8vE39svDK5ExEA2:paX7u3ejsaVCY0pR9nj0fucsmXA2
Score

10^/10

rms rat trojan
- RMS
  Remote Manipulator System (RMS) is a remote access tool developed by Russian organization TektonIT.
  trojan rat rms
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy