General
-
Target
1727849345794c209e33766caf89479295ffde722ecf82510111c722c29bca51ee334b3d04504.datdecoded.exe
-
Size
482KB
-
Sample
241002-jvha3aygpc
-
MD5
53937f0cc7b24cff80c15f39776cb4bf
-
SHA1
1d601f8180fb8ae3c43ca542d670666b638cd756
-
SHA256
c87b44e4d271ba4284a157d97e65b45cc501a10b182ff9435c854a681caacb9a
-
SHA512
f1da6eaa9fb410a2aba5e379265bd4718217e8ad2b2e928774f84e2d3c5b13f6820fdbadf5e559c9947756262f6dc75282bd45a3c4d68331b267f81bf50c672a
-
SSDEEP
6144:yTz+c6KHYBhDc1RGJdv//NkUn+N5Bkf/0TELRvIZPjbsAOZZXAXkcrYT4:yTlrYw1RUh3NFn+N5WfIQIjbs/ZXLT4
Malware Config
Extracted
remcos
INRY
025sep.duckdns.org:3000
-
audio_folder
MicRecords
-
audio_record_time
5
-
connect_delay
0
-
connect_interval
1
-
copy_file
remcos.exe
-
copy_folder
Remcos
-
delete_file
false
-
hide_file
false
-
hide_keylog_file
false
-
install_flag
false
-
keylog_crypt
false
-
keylog_file
registros.dat
-
keylog_flag
false
-
keylog_folder
remcos
-
mouse_option
false
-
mutex
Rmc-Q0TS8L
-
screenshot_crypt
false
-
screenshot_flag
false
-
screenshot_folder
Capturas de pantalla
-
screenshot_path
%AppData%
-
screenshot_time
10
-
take_screenshot_option
false
-
take_screenshot_time
5
Targets
-
-
Target
1727849345794c209e33766caf89479295ffde722ecf82510111c722c29bca51ee334b3d04504.datdecoded.exe
-
Size
482KB
-
MD5
53937f0cc7b24cff80c15f39776cb4bf
-
SHA1
1d601f8180fb8ae3c43ca542d670666b638cd756
-
SHA256
c87b44e4d271ba4284a157d97e65b45cc501a10b182ff9435c854a681caacb9a
-
SHA512
f1da6eaa9fb410a2aba5e379265bd4718217e8ad2b2e928774f84e2d3c5b13f6820fdbadf5e559c9947756262f6dc75282bd45a3c4d68331b267f81bf50c672a
-
SSDEEP
6144:yTz+c6KHYBhDc1RGJdv//NkUn+N5Bkf/0TELRvIZPjbsAOZZXAXkcrYT4:yTlrYw1RUh3NFn+N5WfIQIjbs/ZXLT4
Score3/10 -