General
-
Target
17323410667d99229b9ce677d696d20502ddaab36e60066e7988d89e342c219aec646f9f24501.dat-decoded.exe
-
Size
483KB
-
Sample
241123-grwyyawnck
-
MD5
0a5ef4ce865711c55bbd9e3ba61bcd4f
-
SHA1
af23d89a402faaf366a0374a24dcd5844b386d62
-
SHA256
fc7beeae6b795561f216733b82611c8db1643cc883ded6fbca9c447c7a985358
-
SHA512
f79a23f44518c1fb363264fa5bde787ba44d80bff1af7464f2f515ef9b45aa4774f13ae4dc5440fa15918db3c9224183a1b12d2731059dec1f2b85640f0f8030
-
SSDEEP
12288:W5k+Yqaxrh3Nln+N52fIA4jbsvZzFVA4:gY9xrh3NDfIA4jOZx
Behavioral task
behavioral1
Sample
17323410667d99229b9ce677d696d20502ddaab36e60066e7988d89e342c219aec646f9f24501.dat-decoded.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
17323410667d99229b9ce677d696d20502ddaab36e60066e7988d89e342c219aec646f9f24501.dat-decoded.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
remcos
oct24
championsleague24.duckdns.org:8090
-
audio_folder
MicRecords
-
audio_path
ApplicationPath
-
audio_record_time
5
-
connect_delay
0
-
connect_interval
1
-
copy_file
remcos.exe
-
copy_folder
Remcos
-
delete_file
false
-
hide_file
false
-
hide_keylog_file
true
-
install_flag
false
-
keylog_crypt
true
-
keylog_file
ops.dat
-
keylog_flag
false
-
keylog_folder
windir
-
mouse_option
false
-
mutex
wsbdetrdfeyt45-ZLEH2L
-
screenshot_crypt
false
-
screenshot_flag
false
-
screenshot_folder
Screenshots
-
screenshot_path
%AppData%
-
screenshot_time
10
-
take_screenshot_option
false
-
take_screenshot_time
5
Targets
-
-
Target
17323410667d99229b9ce677d696d20502ddaab36e60066e7988d89e342c219aec646f9f24501.dat-decoded.exe
-
Size
483KB
-
MD5
0a5ef4ce865711c55bbd9e3ba61bcd4f
-
SHA1
af23d89a402faaf366a0374a24dcd5844b386d62
-
SHA256
fc7beeae6b795561f216733b82611c8db1643cc883ded6fbca9c447c7a985358
-
SHA512
f79a23f44518c1fb363264fa5bde787ba44d80bff1af7464f2f515ef9b45aa4774f13ae4dc5440fa15918db3c9224183a1b12d2731059dec1f2b85640f0f8030
-
SSDEEP
12288:W5k+Yqaxrh3Nln+N52fIA4jbsvZzFVA4:gY9xrh3NDfIA4jOZx
Score 3/10