General
-
Target
a370956de67e55076ec45c4cd8358a700cfde3b16bc4b01fa565714b40e7c746
-
Size
481KB
-
Sample
241116-bj1z2azqfq
-
MD5
c0e45a24f7b969447cf476486103711d
-
SHA1
b74f2bf6eb29a8887536499393590f91aeb2b767
-
SHA256
a370956de67e55076ec45c4cd8358a700cfde3b16bc4b01fa565714b40e7c746
-
SHA512
7bc8cfe3a694d20c5ed66cc1abca1e288d5da5e2d0d4c4cd27d28cbc451cee64f1b2d392589ccda3284ac6108d0f48ca489db73f520169cac7e58da301476061
-
SSDEEP
12288:VuD09AUkNIGBYYv4eK13x13nZHSRVMf139F5wIB7+IwtHwBtVxbesvZDSg+DY:409AfNIEYsunZvZ19ZLs
Malware Config
Extracted
remcos
RemoteHost
www.humptex.store:2404
-
audio_folder
MicRecords
-
audio_path
ApplicationPath
-
audio_record_time
5
-
connect_delay
0
-
connect_interval
1
-
copy_file
remcos.exe
-
copy_folder
Remcos
-
delete_file
false
-
hide_file
false
-
hide_keylog_file
false
-
install_flag
false
-
keylog_crypt
false
-
keylog_file
logs.dat
-
keylog_flag
false
-
keylog_folder
edfghjk
-
mouse_option
false
-
mutex
Rmc-8D13LS
-
screenshot_crypt
false
-
screenshot_flag
false
-
screenshot_folder
Screenshots
-
screenshot_path
%AppData%
-
screenshot_time
10
-
take_screenshot_option
false
-
take_screenshot_time
5
Targets
-
-
Target
a370956de67e55076ec45c4cd8358a700cfde3b16bc4b01fa565714b40e7c746
-
Size
481KB
-
MD5
c0e45a24f7b969447cf476486103711d
-
SHA1
b74f2bf6eb29a8887536499393590f91aeb2b767
-
SHA256
a370956de67e55076ec45c4cd8358a700cfde3b16bc4b01fa565714b40e7c746
-
SHA512
7bc8cfe3a694d20c5ed66cc1abca1e288d5da5e2d0d4c4cd27d28cbc451cee64f1b2d392589ccda3284ac6108d0f48ca489db73f520169cac7e58da301476061
-
SSDEEP
12288:VuD09AUkNIGBYYv4eK13x13nZHSRVMf139F5wIB7+IwtHwBtVxbesvZDSg+DY:409AfNIEYsunZvZ19ZLs
Score3/10 -