General
-
Target
bf67ca4c80bee07b239b2d1feb0f65be_JaffaCakes118
-
Size
3.6MB
-
Sample
240824-zwaklsyhrb
-
MD5
bf67ca4c80bee07b239b2d1feb0f65be
-
SHA1
93257710d02088ac34d0adaf8f8af389dc20e933
-
SHA256
4ed08a45b8b00ee8d79fcdbfb68468a826fec1022473f440415197aecc1a187b
-
SHA512
569fc239b69eeb3b7bb7050b525f585e66f3bc87482f521246656f7fd4c3757992d806a8eb108f477cce47676246ae71ba42d91bc57f92586946ab1e36efca42
-
SSDEEP
49152:wHBaxpAS/DARf7gJ5O9GyyPwhI3T8t3EV:KdW5O0yyqIc
Static task
static1
Behavioral task
behavioral1
Sample
bf67ca4c80bee07b239b2d1feb0f65be_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
bf67ca4c80bee07b239b2d1feb0f65be_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
remcos
2.7.0 Pro
FEBRERO 15
serviciospun.puntofr.cc:6696
-
audio_folder
audio
-
audio_path
%AppData%
-
audio_record_time
5
-
connect_delay
0
-
connect_interval
3
-
copy_file
remcos.exe
-
copy_folder
remcos
-
delete_file
false
-
hide_file
false
-
hide_keylog_file
false
-
install_flag
false
-
install_path
%AppData%
-
keylog_crypt
true
-
keylog_file
logs.dat
-
keylog_flag
false
-
keylog_folder
FREXCAZ
-
keylog_path
%AppData%
-
mouse_option
false
-
mutex
FORTILEX-FFBWFZ
-
screenshot_crypt
false
-
screenshot_flag
false
-
screenshot_folder
Screenshots
-
screenshot_path
%AppData%
-
screenshot_time
10
-
startup_value
remcos
-
take_screenshot_option
false
-
take_screenshot_time
5
Targets
-
-
Target
bf67ca4c80bee07b239b2d1feb0f65be_JaffaCakes118
Score
10/10