remcos | 728032fc2156262ac444ba35b41678412fe7d95ee7abcf794169e1223cf340db | Triage

Submit
Reports

Overview

overview

Static

static

109f178939...18.exe

windows7-x64

109f178939...18.exe

windows10-2004-x64

Sharing

General

Target

109f178939666209f337edcb7095996d_JaffaCakes118
Size

373KB
Sample

241003-1nnypsybmq
MD5

109f178939666209f337edcb7095996d
SHA1

a30d845117319e60679a0048a3f32fc90ceedd6c
SHA256

728032fc2156262ac444ba35b41678412fe7d95ee7abcf794169e1223cf340db
SHA512

d4127bf090a4e58fbac1a08e6d6a936b06948f3ff01a5e1796ac3c9fdb24f31ffe271eba5626323044cb55d2900f293609ae03c3664357dda7c309ba5ff0d79d
SSDEEP

6144:6dg5n5DJJL7XJAnY7yo0nqsJ445mgy+sk8VAX8dN4pq:VnnJHX+nO8hJB5mKD8Z1

Score

10^/10

remcos agilenet discovery rat

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

109f178939666209f337edcb7095996d_JaffaCakes118.exe

Resource

win7-20240903-en

remcos agilenet discovery rat

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

109f178939666209f337edcb7095996d_JaffaCakes118.exe

Resource

win10v2004-20240910-en

remcos agilenet discovery rat

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  109f178939666209f337edcb7095996d_JaffaCakes118
- Size
  
  373KB
- MD5
  
  109f178939666209f337edcb7095996d
- SHA1
  
  a30d845117319e60679a0048a3f32fc90ceedd6c
- SHA256
  
  728032fc2156262ac444ba35b41678412fe7d95ee7abcf794169e1223cf340db
- SHA512
  
  d4127bf090a4e58fbac1a08e6d6a936b06948f3ff01a5e1796ac3c9fdb24f31ffe271eba5626323044cb55d2900f293609ae03c3664357dda7c309ba5ff0d79d
- SSDEEP
  
  6144:6dg5n5DJJL7XJAnY7yo0nqsJ445mgy+sk8VAX8dN4pq:VnnJHX+nO8hJB5mKD8Z1
Score

10^/10

remcos agilenet discovery rat
- Remcos
  Remcos is a closed-source remote control and surveillance software.
  rat remcos
- Obfuscated with Agile.Net obfuscator
  Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
  agilenet
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

remcosagilenetdiscoveryrat

behavioral2

remcosagilenetdiscoveryrat

© 2018-2025

Terms | Privacy