General
-
Target
1096-31-0x0000000000400000-0x000000000048A000-memory.dmp
-
Size
552KB
-
Sample
240527-mqyzsshf32
-
MD5
20f23bb9aecbcb70e0b93316c592d012
-
SHA1
10ab13fc941f226377793f221444e4722cd242be
-
SHA256
22fea4be55e7b1257ccb6b5a84b2c42c88187ebafcf0f16bdbd785a77f591ae0
-
SHA512
f61aeb22becdea8bd5a356084757a5888b970db4449fd581d36584f2174bdb0e8dc1746923ac0440b1629d7d1c4e97bc2c7725652a98afb90a32bbce29de1f0f
-
SSDEEP
6144:WXIktXfM8Lv86r9uVWAa2je4Z5zl4hgDHQQs4NTQjoHjVsAOZZsAX7cju:WX7tPMK8ctGe4Dzl4h2Qnujs/Zs
Behavioral task
behavioral1
Sample
1096-31-0x0000000000400000-0x000000000048A000-memory.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
1096-31-0x0000000000400000-0x000000000048A000-memory.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
remcos
CAT
zoonm.ddns.net:35890
-
audio_folder
MicRecords
-
audio_record_time
5
-
connect_delay
0
-
connect_interval
1
-
copy_file
vlc.exe
-
copy_folder
vlc
-
delete_file
false
-
hide_file
false
-
hide_keylog_file
false
-
install_flag
false
-
keylog_crypt
true
-
keylog_file
logs.dat
-
keylog_flag
false
-
keylog_folder
remcos
-
mouse_option
false
-
mutex
chrorne-VRZEW3
-
screenshot_crypt
false
-
screenshot_flag
false
-
screenshot_folder
Screenshots
-
screenshot_path
%AppData%
-
screenshot_time
10
-
take_screenshot_option
false
-
take_screenshot_time
5
Targets
-
Score
1/10