General
-
Target
cb32d88e0b49d1db4622373001e2d753.bin
-
Size
265KB
-
Sample
241201-b6wzlaxkhn
-
MD5
74fa8b12367949188b8b3f874f862a02
-
SHA1
af160cac353050d9d1ac94a433c681f9b821230a
-
SHA256
0d64de4fd85cb24c942fbaec36a2be780ed34ed7d71b3542e59795fd00b92aca
-
SHA512
09b0c042a5b59d1e29ff5e2d214dd8ea29dc3d9263e22f96672079f75bb00bdf58b1b93c67d5fb62eed18189e254c43216bd485ab988a49ad0dec2c8c5f36ed1
-
SSDEEP
6144:wndOJTpDtGcGDibN64A0wxLq/0LNclD1pwU7U:wd+kuN6D0wpq8RclD8Ug
Behavioral task
behavioral1
Sample
b1ca571f365a1bbb855d967b78109d6744f79c21f7d81729091a1ba2ea6cda39.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
b1ca571f365a1bbb855d967b78109d6744f79c21f7d81729091a1ba2ea6cda39.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
remcos
RemoteHost
rem0324.duckdns.org:1213
-
audio_folder
MicRecords
-
audio_record_time
5
-
connect_delay
0
-
connect_interval
1
-
copy_file
remcos.exe
-
copy_folder
Remcos
-
delete_file
false
-
hide_file
false
-
hide_keylog_file
false
-
install_flag
false
-
keylog_crypt
false
-
keylog_file
logs.dat
-
keylog_flag
false
-
keylog_folder
remcos
-
mouse_option
false
-
mutex
Rmc-WGH0X6
-
screenshot_crypt
false
-
screenshot_flag
false
-
screenshot_folder
Screenshots
-
screenshot_path
%AppData%
-
screenshot_time
10
-
take_screenshot_option
false
-
take_screenshot_time
5
Targets
-
-
Target
b1ca571f365a1bbb855d967b78109d6744f79c21f7d81729091a1ba2ea6cda39.exe
-
Size
483KB
-
MD5
cb32d88e0b49d1db4622373001e2d753
-
SHA1
bd81a5636f7c35ad2a3a5207320dc6f8486f310d
-
SHA256
b1ca571f365a1bbb855d967b78109d6744f79c21f7d81729091a1ba2ea6cda39
-
SHA512
25a10f0628b3510c7149f63397bdf889fd768df8bb1f60547d00223c0dcf56b489cbcd5e4b863846bc8f0be8c3fe1865bb5972e75fdb1b7d66d9cab7401730c7
-
SSDEEP
6144:cXIktXfM8Lv86r9uVWAa2je4Z5zl4hgDHQQs4NTQjoHFsAOZZsAX4cNf5Gv:cX7tPMK8ctGe4Dzl4h2QnuPs/ZsScv
Score
3/10