General
-
Target
199d642bf20eb5b9ae989bd2872757b19186a0c579a81613b29d64d9c992a746.exe
-
Size
521KB
-
Sample
240727-tfmx4szerg
-
MD5
4bc6f1e5964b73ff7f085f61890c647e
-
SHA1
1c568323c4db0536fcc1afa969cf77abab6341d0
-
SHA256
199d642bf20eb5b9ae989bd2872757b19186a0c579a81613b29d64d9c992a746
-
SHA512
daa3cb2f80088bd6d94b14cc4ef72332cc766eb7412a00d58fc51b929dacafd00bb3b57b0c8b71947e076113adf094e1e7bf1bff7acbcdcbdcb0f0bf40978924
-
SSDEEP
6144:AXIktXfM8Lv86r9uVWAa2je4Z5zl4hgDHQQs4NTQjoHFsAOZZoAX0cN55Gv:AX7tPMK8ctGe4Dzl4h2QnuPs/ZoIcv
Behavioral task
behavioral1
Sample
199d642bf20eb5b9ae989bd2872757b19186a0c579a81613b29d64d9c992a746.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
199d642bf20eb5b9ae989bd2872757b19186a0c579a81613b29d64d9c992a746.exe
Resource
win10v2004-20240704-en
Malware Config
Extracted
Family
remcos
-
Botnet
July 16
-
C2
luky00921.ddns.net:6089
-
audio_folder
MicRecords
-
audio_record_time
5
-
connect_delay
0
-
connect_interval
1
-
copy_file
remcos.exe
-
copy_folder
Remcos
-
delete_file
false
-
hide_file
false
-
hide_keylog_file
false
-
install_flag
false
-
keylog_crypt
false
-
keylog_file
logs.dat
-
keylog_flag
false
-
keylog_folder
remcos
-
mouse_option
false
-
mutex
Rmc-IWWVV3
-
screenshot_crypt
false
-
screenshot_flag
false
-
screenshot_folder
Screenshots
-
screenshot_path
%AppData%
-
screenshot_time
10
-
take_screenshot_option
false
-
take_screenshot_time
5
Targets
-
-
Target
199d642bf20eb5b9ae989bd2872757b19186a0c579a81613b29d64d9c992a746.exe
-
Size
521KB
-
MD5
4bc6f1e5964b73ff7f085f61890c647e
-
SHA1
1c568323c4db0536fcc1afa969cf77abab6341d0
-
SHA256
199d642bf20eb5b9ae989bd2872757b19186a0c579a81613b29d64d9c992a746
-
SHA512
daa3cb2f80088bd6d94b14cc4ef72332cc766eb7412a00d58fc51b929dacafd00bb3b57b0c8b71947e076113adf094e1e7bf1bff7acbcdcbdcb0f0bf40978924
-
SSDEEP
6144:AXIktXfM8Lv86r9uVWAa2je4Z5zl4hgDHQQs4NTQjoHFsAOZZoAX0cN55Gv:AX7tPMK8ctGe4Dzl4h2QnuPs/ZoIcv
Score
3/10