General
-
Target
76babff82730483b6ffdb0d73fc1d591ed33e2d73cfd02ff200763283319ef67
-
Size
265KB
-
Sample
240417-q1c2vsbf81
-
MD5
c1b71bd34b4a39defc09ed0ce2354d9f
-
SHA1
59c4e4763ea742f4bfcf587f5eb1dfbc210c5868
-
SHA256
76babff82730483b6ffdb0d73fc1d591ed33e2d73cfd02ff200763283319ef67
-
SHA512
70c756dcdf0905e11040ca68a4996144800fcd88cddc10e8bd0d6f3c31374b8efd1fe2bf40264dec0ca0fc58ebf323d247c0bf00b43bbd848e90306c5481d202
-
SSDEEP
6144:7ycqhxGAsXCr9f0vYN5GTK01UCSd9cRkWi86hecsR5UuV7iVh9v:zqXC9vU5Gpm3oXkVsdiVh9v
Behavioral task
behavioral1
Sample
c04f7cfb13eff22b612e0809dd48b2c3ad4e6ab8ea30d0d91fd077194eb52cfa.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
c04f7cfb13eff22b612e0809dd48b2c3ad4e6ab8ea30d0d91fd077194eb52cfa.exe
Resource
win10v2004-20240412-en
Malware Config
Extracted
Family
remcos
-
Botnet
w7
-
C2
jgm.kozow.com:5532
-
audio_folder
MicRecords
-
audio_record_time
5
-
connect_delay
0
-
connect_interval
1
-
copy_file
remcos.exe
-
copy_folder
Remcos
-
delete_file
false
-
hide_file
false
-
hide_keylog_file
false
-
install_flag
false
-
keylog_crypt
false
-
keylog_file
logs.dat
-
keylog_flag
false
-
keylog_folder
remcos
-
mouse_option
false
-
mutex
real-M7UEG4
-
screenshot_crypt
false
-
screenshot_flag
false
-
screenshot_folder
Screenshots
-
screenshot_path
%AppData%
-
screenshot_time
10
-
take_screenshot_option
false
-
take_screenshot_time
5
Targets
-
-
Target
c04f7cfb13eff22b612e0809dd48b2c3ad4e6ab8ea30d0d91fd077194eb52cfa.exe
-
Size
483KB
-
MD5
6f76fb672d1db1c3dbe4770981c7fec3
-
SHA1
3d208d34c71f1108a53b5604615db4d71ddb5002
-
SHA256
c04f7cfb13eff22b612e0809dd48b2c3ad4e6ab8ea30d0d91fd077194eb52cfa
-
SHA512
7a459f1554a878da46ec57ff3788881efbb39ed9dc5a87ecb6692f0d2a73941acdd11579eea8a9b9626436c59947a9901b087baf73a278bc2dab6cb4bbe694a1
-
SSDEEP
6144:8XIktXfM8Lv86r9uVWAa2je4Z5zl4hgDHQQs4NTQjoHFsAOZZsAX4cNt5Gv:8X7tPMK8ctGe4Dzl4h2QnuPs/Zskcv
Score
1/10
-