General
-
Target
ced0e9bdc7c5386b7bfcf744ee26efa2bf5f12035c96c50e44884cbbc675d54a
-
Size
265KB
-
Sample
240417-q853lsag46
-
MD5
c14ea0be2c0e49e8e983cc1629dd9b6f
-
SHA1
a91c738dfb14223ea8b6d7338dffbec8ffbc3d4c
-
SHA256
ced0e9bdc7c5386b7bfcf744ee26efa2bf5f12035c96c50e44884cbbc675d54a
-
SHA512
a2bdbdbc3137a919124629d59a00d0cd76141af0fd0274c5c04100752d73c5fa1f30b347ebad5b17fedaa9faff67e22edd6c94eff35b02ab17c29de72a64fb52
-
SSDEEP
6144:qIzdEooFoz1qUYTgm+YxKEixOOObbnQvB0z4jfN8:5Nf1qXT+YxKEizObbQ50z4D2
Behavioral task
behavioral1
Sample
44f329aab838c260ec6eb949069db14abc1c7719dbd3101f8dae1e3af83180f9.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
44f329aab838c260ec6eb949069db14abc1c7719dbd3101f8dae1e3af83180f9.exe
Resource
win10v2004-20240412-en
Malware Config
Extracted
Family
remcos
Botnet
w7
C2
jgm.kozow.com:5030
-
audio_folder
MicRecords
-
audio_record_time
5
-
connect_delay
0
-
connect_interval
1
-
copy_file
remcos.exe
-
copy_folder
Remcos
-
delete_file
false
-
hide_file
false
-
hide_keylog_file
false
-
install_flag
false
-
keylog_crypt
false
-
keylog_file
logs.dat
-
keylog_flag
false
-
keylog_folder
remcos
-
mouse_option
false
-
mutex
real-Y890HD
-
screenshot_crypt
false
-
screenshot_flag
false
-
screenshot_folder
Screenshots
-
screenshot_path
%AppData%
-
screenshot_time
10
-
take_screenshot_option
false
-
take_screenshot_time
5
Targets
-
-
Target
44f329aab838c260ec6eb949069db14abc1c7719dbd3101f8dae1e3af83180f9.exe
-
Size
483KB
-
MD5
83fe25aa9f5e8d0ed759b2a7dd8e0b19
-
SHA1
911d442f808c3560eee0a634fba61fd01f837ac2
-
SHA256
44f329aab838c260ec6eb949069db14abc1c7719dbd3101f8dae1e3af83180f9
-
SHA512
1255ae05d8226148e9a93b34bc54de037d401bd48af292014a0cab450eb9935ea89a8e13ecd40e6d35447f4b4f774745c039d450a3df6a906e442cc1c8f55523
-
SSDEEP
6144:cXIktXfM8Lv86r9uVWAa2je4Z5zl4hgDHQQs4NTQjoHFsAOZZsAX4cNb5Gv:cX7tPMK8ctGe4Dzl4h2QnuPs/ZsKcv
Score
1/10