General

  • Target

    1714456209369804801bdf0184bf91899d6952ac3158287761ba79e58bda9aa9358475c597235.dat-decoded.exe

  • Size

    483KB

  • Sample

    240430-gj6heaed91

  • MD5

    80f5b85ee5d79f166a66a2318e06cd3d

  • SHA1

    4c4f13392d0b6bd6e115328c15ba937e266039fa

  • SHA256

    1ac973018ba8364d23edb3b6b5d262b4cad214e54de48bbf0c8b2aafad3f248f

  • SHA512

    b5cf89c1578ec5b103fd6647813a074acd664534b06563aa9cdac5f30378d99152bda173fb4cd07cbb9ad5411dee0738f8a9eff9a58b79a8fcd5a6b5aaa4defb

  • SSDEEP

    6144:+XIktXfM8Lv86r9uVWAa2je4Z5zl4hgDHQQs4NTQjoHFsAOZZDAXYcN25Gv:+X7tPMK8ctGe4Dzl4h2QnuPs/ZDbcv

Score
10/10

Malware Config

Extracted

Family

remcos

Botnet

RemoteHost

C2

sembe.duckdns.org:14645

Attributes
  • audio_folder

    MicRecords

  • audio_record_time

    5

  • connect_delay

    0

  • connect_interval

    1

  • copy_file

    remcos.exe

  • copy_folder

    Remcos

  • delete_file

    false

  • hide_file

    false

  • hide_keylog_file

    false

  • install_flag

    false

  • keylog_crypt

    false

  • keylog_file

    nots.dat

  • keylog_flag

    false

  • keylog_folder

    note

  • keylog_path

    %Temp%

  • mouse_option

    false

  • mutex

    Rmc-999Z97

  • screenshot_crypt

    false

  • screenshot_flag

    false

  • screenshot_folder

    Screenshots

  • screenshot_path

    %AppData%

  • screenshot_time

    10

  • take_screenshot_option

    false

  • take_screenshot_time

    5

Targets

    • Target

      1714456209369804801bdf0184bf91899d6952ac3158287761ba79e58bda9aa9358475c597235.dat-decoded.exe

    • Size

      483KB

    Score
    1/10
