General
-
Target
1713252787121128fc689f92bed3d76de8a0170e7d69ae243386b8c68bf411853ddcb2e022107.dat-decoded
-
Size
483KB
-
Sample
240416-jd756acd86
-
MD5
168ea6eca48cf9f2612488934e1e2da7
-
SHA1
a23ad3e47bf3b7a4e8ac7852b9359b9c8907590a
-
SHA256
b8376836fa29f66836689fa0edc6e456c17b4294d5090432ef888c2a74f624dc
-
SHA512
0af8c1a5b7d3550aee6f5a424150192db70abaa565bbb11f13eb27fd4e231303b2d46816175697347ea310ba7bee2fb79ee84aeeb95582f5755cca6b73dfd6ad
-
SSDEEP
6144:aXIktXfM8Lv86r9uVWAa2je4Z5zl4hgDHQQs4NTQjoHFsAOZZDAXYcN/5Gv:aX7tPMK8ctGe4Dzl4h2QnuPs/ZDWcv
Malware Config
Extracted
remcos
RemoteHost
rmcnewlistening.duckdns.org:14645
-
audio_folder
MicRecords
-
audio_record_time
5
-
connect_delay
0
-
connect_interval
1
-
copy_file
remcos.exe
-
copy_folder
Remcos
-
delete_file
false
-
hide_file
false
-
hide_keylog_file
false
-
install_flag
false
-
keylog_crypt
false
-
keylog_file
logs.dat
-
keylog_flag
false
-
keylog_folder
remcos
-
mouse_option
false
-
mutex
Rmc-AK1F22
-
screenshot_crypt
false
-
screenshot_flag
false
-
screenshot_folder
Screenshots
-
screenshot_path
%AppData%
-
screenshot_time
10
-
take_screenshot_option
false
-
take_screenshot_time
5
Targets
-
-
Target
1713252787121128fc689f92bed3d76de8a0170e7d69ae243386b8c68bf411853ddcb2e022107.dat-decoded
-
Size
483KB
-
MD5
168ea6eca48cf9f2612488934e1e2da7
-
SHA1
a23ad3e47bf3b7a4e8ac7852b9359b9c8907590a
-
SHA256
b8376836fa29f66836689fa0edc6e456c17b4294d5090432ef888c2a74f624dc
-
SHA512
0af8c1a5b7d3550aee6f5a424150192db70abaa565bbb11f13eb27fd4e231303b2d46816175697347ea310ba7bee2fb79ee84aeeb95582f5755cca6b73dfd6ad
-
SSDEEP
6144:aXIktXfM8Lv86r9uVWAa2je4Z5zl4hgDHQQs4NTQjoHFsAOZZDAXYcN/5Gv:aX7tPMK8ctGe4Dzl4h2QnuPs/ZDWcv
Score1/10 -