General

  • Target

    5040-198-0x00000000105A0000-0x0000000010624000-memory.dmp

  • Size

    528KB

  • MD5

    faff08649e803c4a16716b444c287274

  • SHA1

    7d4917ceb935f00883b2e4b675469f00b730f71a

  • SHA256

    69e93582d52f6647e75144a3669650cfd5da308666ecf02528269ef6e8c1a5e2

  • SHA512

    9a0ce68e34fff1411fd4efe22dcd265cbed6ebdcfe208e9acabe823bd1cac384c4f3ebbe944749fd258607c09f93a1df98fbfc4e0132988833ac2585522f08ec

  • SSDEEP

    12288:keRXxReZj3WZfj/2eSseWFaIe2+f8CL47bs/Zf2zDU:kex7cyF2eSsewS8W47eZO

Score
10/10

Signatures

  • Remcos family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 5040-198-0x00000000105A0000-0x0000000010624000-memory.dmp
    .exe windows:4 windows x86 arch:x86

