General
-
Target
1714456209369804801bdf0184bf91899d6952ac3158287761ba79e58bda9aa9358475c597235.dat-decoded.exe
-
Size
483KB
-
Sample
240430-gj6heaed91
-
MD5
80f5b85ee5d79f166a66a2318e06cd3d
-
SHA1
4c4f13392d0b6bd6e115328c15ba937e266039fa
-
SHA256
1ac973018ba8364d23edb3b6b5d262b4cad214e54de48bbf0c8b2aafad3f248f
-
SHA512
b5cf89c1578ec5b103fd6647813a074acd664534b06563aa9cdac5f30378d99152bda173fb4cd07cbb9ad5411dee0738f8a9eff9a58b79a8fcd5a6b5aaa4defb
-
SSDEEP
6144:+XIktXfM8Lv86r9uVWAa2je4Z5zl4hgDHQQs4NTQjoHFsAOZZDAXYcN25Gv:+X7tPMK8ctGe4Dzl4h2QnuPs/ZDbcv
Behavioral task
behavioral1
Sample
1714456209369804801bdf0184bf91899d6952ac3158287761ba79e58bda9aa9358475c597235.dat-decoded.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
1714456209369804801bdf0184bf91899d6952ac3158287761ba79e58bda9aa9358475c597235.dat-decoded.exe
Resource
win10v2004-20240419-en
Malware Config
Extracted
remcos
RemoteHost
sembe.duckdns.org:14645
-
audio_folder
MicRecords
-
audio_record_time
5
-
connect_delay
0
-
connect_interval
1
-
copy_file
remcos.exe
-
copy_folder
Remcos
-
delete_file
false
-
hide_file
false
-
hide_keylog_file
false
-
install_flag
false
-
keylog_crypt
false
-
keylog_file
nots.dat
-
keylog_flag
false
-
keylog_folder
note
-
keylog_path
%Temp%
-
mouse_option
false
-
mutex
Rmc-999Z97
-
screenshot_crypt
false
-
screenshot_flag
false
-
screenshot_folder
Screenshots
-
screenshot_path
%AppData%
-
screenshot_time
10
-
take_screenshot_option
false
-
take_screenshot_time
5
Targets
-
-
Target
1714456209369804801bdf0184bf91899d6952ac3158287761ba79e58bda9aa9358475c597235.dat-decoded.exe
-
Size
483KB
-
MD5
80f5b85ee5d79f166a66a2318e06cd3d
-
SHA1
4c4f13392d0b6bd6e115328c15ba937e266039fa
-
SHA256
1ac973018ba8364d23edb3b6b5d262b4cad214e54de48bbf0c8b2aafad3f248f
-
SHA512
b5cf89c1578ec5b103fd6647813a074acd664534b06563aa9cdac5f30378d99152bda173fb4cd07cbb9ad5411dee0738f8a9eff9a58b79a8fcd5a6b5aaa4defb
-
SSDEEP
6144:+XIktXfM8Lv86r9uVWAa2je4Z5zl4hgDHQQs4NTQjoHFsAOZZDAXYcN25Gv:+X7tPMK8ctGe4Dzl4h2QnuPs/ZDbcv
Score1/10 -