General
-
Target
3f36cb709c4627b3473f9a847632acb55738b72a4bb3291d3291e26ccd87c646
-
Size
430KB
-
Sample
240814-zqjakayepm
-
MD5
291d2ec1d792bd31a2471a55b5408ea3
-
SHA1
95d3891fd4f16ee1865cb40023ded2e3fdfd882d
-
SHA256
3f36cb709c4627b3473f9a847632acb55738b72a4bb3291d3291e26ccd87c646
-
SHA512
23fdd5e13fff7edf22fead623e6f8bfcb5bc1a9597faa79b9c88a8259419949aa5a311e5ad7943f61df222a2aa519abc64e4cb314e488717be1fd7aaa6b90350
-
SSDEEP
6144:tvRscHtVzjwIRFzJZ2p26+jFWXYnj9iT2ebvXmUcCqkmAO2djXH7icDj3:tvRs4OIm2hWX4U2ebvRUAd77B3
Behavioral task
behavioral1
Sample
3f36cb709c4627b3473f9a847632acb55738b72a4bb3291d3291e26ccd87c646.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
3f36cb709c4627b3473f9a847632acb55738b72a4bb3291d3291e26ccd87c646.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
remcos
5.1.1 Light
RemoteHost
192.168.1.6:8888
-
audio_folder
MicRecords
-
audio_record_time
5
-
connect_delay
0
-
connect_interval
1
-
copy_file
remcos.exe
-
copy_folder
Remcos
-
delete_file
false
-
hide_file
false
-
hide_keylog_file
false
-
install_flag
false
-
keylog_crypt
false
-
keylog_file
logs.dat
-
keylog_flag
false
-
keylog_folder
remcos
-
mouse_option
false
-
mutex
Rmc-JDL0XC
-
screenshot_crypt
false
-
screenshot_flag
false
-
screenshot_folder
Screenshots
-
screenshot_path
%AppData%
-
screenshot_time
10
-
take_screenshot_option
false
-
take_screenshot_time
5
Targets
-
Target
3f36cb709c4627b3473f9a847632acb55738b72a4bb3291d3291e26ccd87c646
-
Score
3/10