General
-
Target
905d864f4fed8774c1b2d9cb96eecc59d2da9e64c26a370920923587a54c1c33
-
Size
16.0MB
-
Sample
240806-hwkbdasfjn
-
MD5
60d0259dcbdf655094fe795c61abfb1f
-
SHA1
cf4204fc6f46bc3851b30fbfd5b4481dad363318
-
SHA256
905d864f4fed8774c1b2d9cb96eecc59d2da9e64c26a370920923587a54c1c33
-
SHA512
31e002f74ae1bc5b9d9d77b5f318f5efe9d60e9082e190976051b7f5b755bb2f7982edc9ef81bdc8f93b9a7a98441b83902b47091ad2764c09393488535264b3
-
SSDEEP
12288:NPmUhjREy9R04jE0IsWGovEDbxjs/Z3Scv:Jrj6IR04jEXsxbxmZ
Behavioral task
behavioral1
Sample
905d864f4fed8774c1b2d9cb96eecc59d2da9e64c26a370920923587a54c1c33.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
905d864f4fed8774c1b2d9cb96eecc59d2da9e64c26a370920923587a54c1c33.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
remcos
FmGlobal
royaldachpharmacy.duckdns.org:6395
-
audio_folder
MicRecords
-
audio_record_time
5
-
connect_delay
0
-
connect_interval
1
-
copy_file
services.exe
-
copy_folder
Remcos
-
delete_file
false
-
hide_file
false
-
hide_keylog_file
false
-
install_flag
true
-
keylog_crypt
false
-
keylog_file
logs.dat
-
keylog_flag
false
-
keylog_folder
remcos
-
mouse_option
false
-
mutex
Rmc-GRT17F
-
screenshot_crypt
false
-
screenshot_flag
false
-
screenshot_folder
Screenshots
-
screenshot_path
%AppData%
-
screenshot_time
10
-
take_screenshot_option
false
-
take_screenshot_time
5
Targets
Target
905d864f4fed8774c1b2d9cb96eecc59d2da9e64c26a370920923587a54c1c33
-
Score
1/10