General
-
Target
2ff32c90e5a04d6a51e0360368daafe35396561f9687a27306f539ae0f354ade
-
Size
483KB
-
Sample
240915-vhdb5atcnh
-
MD5
aa4aca6b0973b169a4242718f04d9c54
-
SHA1
79212a9e32d3ae5f1778605a43fcb6a63b9fccb1
-
SHA256
2ff32c90e5a04d6a51e0360368daafe35396561f9687a27306f539ae0f354ade
-
SHA512
a47637d9472a04fde60e2494ba05f0851bf6d4e7f9ede7d23c37c38d094a64b647c0c5ba5b946d44a6ee31d09b8b0d1fdf513c7ed981b0466f98197988da299a
-
SSDEEP
6144:RTz+c6KHYBhDc1RGJdv//NkUn+N5Bkf/0TELRvIZPjbsAOZZmAX4crxT4:RTlrYw1RUh3NFn+N5WfIQIjbs/ZmyT4
Behavioral task
behavioral1
Sample
2ff32c90e5a04d6a51e0360368daafe35396561f9687a27306f539ae0f354ade.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
2ff32c90e5a04d6a51e0360368daafe35396561f9687a27306f539ae0f354ade.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
Family: remcos
Botnet: SEPT 4
C2: sungito2.ddns.net:6509
C2: 154.216.19.222:5532
-
audio_folder
MicRecords
-
audio_record_time
5
-
connect_delay
0
-
connect_interval
1
-
copy_file
remcos.exe
-
copy_folder
Remcos
-
delete_file
false
-
hide_file
false
-
hide_keylog_file
false
-
install_flag
false
-
keylog_crypt
false
-
keylog_file
logs.dat
-
keylog_flag
false
-
keylog_folder
remcos
-
mouse_option
false
-
mutex
Rmc-EIENFE
-
screenshot_crypt
false
-
screenshot_flag
false
-
screenshot_folder
Screenshots
-
screenshot_path
%AppData%
-
screenshot_time
10
-
take_screenshot_option
false
-
take_screenshot_time
5
Targets
-
-
Target
2ff32c90e5a04d6a51e0360368daafe35396561f9687a27306f539ae0f354ade
-
Size
483KB
-
MD5
aa4aca6b0973b169a4242718f04d9c54
-
SHA1
79212a9e32d3ae5f1778605a43fcb6a63b9fccb1
-
SHA256
2ff32c90e5a04d6a51e0360368daafe35396561f9687a27306f539ae0f354ade
-
SHA512
a47637d9472a04fde60e2494ba05f0851bf6d4e7f9ede7d23c37c38d094a64b647c0c5ba5b946d44a6ee31d09b8b0d1fdf513c7ed981b0466f98197988da299a
-
SSDEEP
6144:RTz+c6KHYBhDc1RGJdv//NkUn+N5Bkf/0TELRvIZPjbsAOZZmAX4crxT4:RTlrYw1RUh3NFn+N5WfIQIjbs/ZmyT4
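Score: 3/10 (score listed for this target; the Remcos attribution on this page comes from the extracted config, so the low score alone should not be read as benign)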