Analysis
-
max time kernel
149s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
25-03-2024 04:08
General
-
Target
remcos_a.exe
-
Size
430KB
-
MD5
2d9857c3e363be0826296902a3e50c9e
-
SHA1
fce1fd8afaccd3fbe62dc42d0bba1c172c64756e
-
SHA256
d1ccd1018c949097006f28461e6344d56f3ab1de275cf61c4396bfeabe658bcd
-
SHA512
cd556e5a0c1de6121ed2eb58f464c13a70a18d1770bb9ce3a8d33d76eac8f715f96530bec5adbc3e1bb6a832c53e3a909281b7d0a739dec9d933d3fa4a3fcee5
-
SSDEEP
6144:xCJBSkHyP4DivRrO+d3cyU6320ho4nbJAj0N91EU7ZUFbz68AO2RjXH7Scr+6B3:xCJB/RuFhU6ho0ej0N91HFAAR77DB3
Score
1/10
Malware Config
Signatures
-
Suspicious use of FindShellTrayWindow 1 IoCs
-
Suspicious use of SendNotifyMessage 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\remcos_a.exe"C:\Users\Admin\AppData\Local\Temp\remcos_a.exe"1⤵
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage