General
-
Target
1f71fb075a97b3727f8f314ed09b67fa90959f92e54ff603ea79e789b0dfcf17N
-
Size
483KB
-
Sample
241007-jf61waxfkb
-
MD5
2691de47e646dd11b0c60c3b534aecf0
-
SHA1
5eed7994f3cf94dc1d1d295c54fb4f807b6fbbc0
-
SHA256
1f71fb075a97b3727f8f314ed09b67fa90959f92e54ff603ea79e789b0dfcf17
-
SHA512
a112b63fea3233e747931874765749ec5cd56c0854efc267e7a434610e1a3b1852f11e4cdbd7ab53d7a3e79d59571baea029641de4530ff3f9fd4923b34e17b9
-
SSDEEP
6144:pTz+c6KHYBhDc1RGJdv//NkUn+N5Bkf/0TELRvIZPjbsAOZZmAX4cr+T4:pTlrYw1RUh3NFn+N5WfIQIjbs/ZmJT4
Behavioral task
behavioral1
Sample
1f71fb075a97b3727f8f314ed09b67fa90959f92e54ff603ea79e789b0dfcf17N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
1f71fb075a97b3727f8f314ed09b67fa90959f92e54ff603ea79e789b0dfcf17N.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
remcos
Rhymer
64.188.12.208:5500
-
audio_folder
MicRecords
-
audio_record_time
5
-
connect_delay
0
-
connect_interval
1
-
copy_file
remcos.exe
-
copy_folder
Remcos
-
delete_file
false
-
hide_file
false
-
hide_keylog_file
false
-
install_flag
false
-
keylog_crypt
false
-
keylog_file
logs.dat
-
keylog_flag
false
-
keylog_folder
remcos
-
mouse_option
false
-
mutex
Rmc-WW3VS5
-
screenshot_crypt
false
-
screenshot_flag
false
-
screenshot_folder
Screenshots
-
screenshot_path
%AppData%
-
screenshot_time
10
-
take_screenshot_option
false
-
take_screenshot_time
5
Targets
Score
3/10