General
-
Target
Scan00102207.gz
-
Size
903KB
-
Sample
240814-nsa67avcqp
-
MD5
9569699d199de41b056cb5d6d83dae79
-
SHA1
9d101c232d3983317156ab1f6359ba03101b9d2c
-
SHA256
80c2e1f29d6a3fba105c4a57cb3b15687d7ea6bf0e70aef371520039e05ba722
-
SHA512
8c0b302c01dc1f3a7aa9c2e6e9efd14bbc09f6044a3bda7e1d2b9611bd2f174fad5f4d3b79a3b7638b9a2707de385ccba0aad42f1013f7b50399a40f5280ab76
-
SSDEEP
24576:4Q9u2reMs0q39AoqBL7dbmNhcsjCx/Q9ef:F9u2CMS9iL5uh0FQU
Malware Config
Extracted
remcos
RemoteHost
www.vipclassproject2024.space:2404
-
audio_folder
MicRecords
-
audio_record_time
5
-
connect_delay
0
-
connect_interval
1
-
copy_file
remcos.exe
-
copy_folder
Remcos
-
delete_file
false
-
hide_file
false
-
hide_keylog_file
false
-
install_flag
false
-
keylog_crypt
false
-
keylog_file
logs.dat
-
keylog_flag
false
-
keylog_folder
manpi
-
mouse_option
false
-
mutex
Rmc-WTPOG9
-
screenshot_crypt
false
-
screenshot_flag
false
-
screenshot_folder
Screenshots
-
screenshot_path
%AppData%
-
screenshot_time
10
-
take_screenshot_option
false
-
take_screenshot_time
5
Targets
-
-
Target
Scan00102207.exe
-
Size
1.3MB
-
MD5
54d7d3c1b92c9034542d9b2ea513aee7
-
SHA1
87ba9b8bc1ddde0f68fe2f4f59fef1242f96ed4c
-
SHA256
6610fa5fa05c6918011ca2ea766eb3062869086dc66713e1d259ac7c4efc4550
-
SHA512
3821c880199e85a9607914f0d5e062eccac34ca0094b2e2f40fab2a4782bf55c8b9f2afd31d6b8c08898fa4030a80e88a81119966ea79d41ba316d4a3b6449f7
-
SSDEEP
24576:tqDEvCTbMWu7rQYlBQcBiT6rprG8aAt7k73s2Xc5fQTkK:tTvC/MTQYxsWR7aAtq3+NQY
Score10/10-
Remcos
Remcos is a closed-source remote control and surveillance software.
-