General

  • Target

    2632-218-0x0000000000400000-0x0000000000482000-memory.dmp

  • Size

    520KB

  • Sample

    240521-dpwcvagb7y

  • MD5

    15d0c3fc4d2f8f6a7a8d279cd36f03cd

  • SHA1

    97d00dda4a374c018af2220b9f6293bd764b8d4b

  • SHA256

    2516c5152accb7f550cfae49cb4899ca8458a5dd13b332b414b73bc97bbb09f7

  • SHA512

    39923a212f244dc3e2e4d5e1be9379e7d17ffa2d85571d8f4fff18dfcfac0240a32567c8b6d4ff0248be9b1a6b76cf29fcedabfcf2456a31f35665b6e59f8fd6

  • SSDEEP

    6144:6XIktXfM8Lv86r9uVWAa2je4Z5zl4hgDHQQs4NTQjoHFsAOZZDAXYcNsS5Gv:6X7tPMK8ctGe4Dzl4h2QnuPs/ZDwcv

Score
10/10

Malware Config

Extracted

Family

remcos

Botnet

NOTCRYPTING

C2

185.222.57.152:35789

Attributes
  • audio_folder

    MicRecords

  • audio_record_time

    5

  • connect_delay

    0

  • connect_interval

    1

  • copy_file

    remcos.exe

  • copy_folder

    Remcos

  • delete_file

    false

  • hide_file

    false

  • hide_keylog_file

    true

  • install_flag

    false

  • keylog_crypt

    false

  • keylog_file

    logs.dat

  • keylog_flag

    false

  • keylog_path

    %AppData%

  • mouse_option

    false

  • mutex

    Rmc-GJJQVC

  • screenshot_crypt

    false

  • screenshot_flag

    false

  • screenshot_folder

    Screenshots

  • screenshot_path

    %AppData%

  • screenshot_time

    10

  • startup_value

    

  • take_screenshot_option

    false

  • take_screenshot_time

    5

Targets

    • Target

      2632-218-0x0000000000400000-0x0000000000482000-memory.dmp

    • Size

      520KB

    Score
    1/10
