General
-
Target
4803c18e57cbf465a26391fa2724a415a9837e5ef2a78f958cc8fb17a4e84c6f.exe
-
Size
481KB
-
Sample
241203-y6mggsxqhn
-
MD5
850f7c5b92cf5a48698790326549ea43
-
SHA1
160430deb472280cd1e78f373e4db0a1c920bfd3
-
SHA256
4803c18e57cbf465a26391fa2724a415a9837e5ef2a78f958cc8fb17a4e84c6f
-
SHA512
223568b6aa470812198b1bb3bc0bbd26cc6c93f0fa8dae57beb002628c820cb1d048e84bebffa0e26b667b2979cdb116b20d0ba1a84ed1b210721e5e634d1745
-
SSDEEP
12288:luD09AUkNIGBYYv4eK13x13nZHSRVMf139F5wIB7+IwtHwBtVxbesvZDSu+DY7:I09AfNIEYsunZvZ19ZpsS
Behavioral task
behavioral1
Sample
4803c18e57cbf465a26391fa2724a415a9837e5ef2a78f958cc8fb17a4e84c6f.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
4803c18e57cbf465a26391fa2724a415a9837e5ef2a78f958cc8fb17a4e84c6f.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
remcos
RemoteHost
mastermrcol.net:6565
-
audio_folder
MicRecords
-
audio_path
ApplicationPath
-
audio_record_time
5
-
connect_delay
0
-
connect_interval
1
-
copy_file
remcos.exe
-
copy_folder
Remcos
-
delete_file
false
-
hide_file
false
-
hide_keylog_file
false
-
install_flag
false
-
keylog_crypt
false
-
keylog_file
logs.dat
-
keylog_flag
false
-
keylog_folder
remcos
-
mouse_option
false
-
mutex
Rmc-89JTT1
-
screenshot_crypt
false
-
screenshot_flag
false
-
screenshot_folder
Screenshots
-
screenshot_path
%AppData%
-
screenshot_time
10
-
take_screenshot_option
false
-
take_screenshot_time
5
Targets
-
-
Target
4803c18e57cbf465a26391fa2724a415a9837e5ef2a78f958cc8fb17a4e84c6f.exe
-
Size
481KB
-
MD5
850f7c5b92cf5a48698790326549ea43
-
SHA1
160430deb472280cd1e78f373e4db0a1c920bfd3
-
SHA256
4803c18e57cbf465a26391fa2724a415a9837e5ef2a78f958cc8fb17a4e84c6f
-
SHA512
223568b6aa470812198b1bb3bc0bbd26cc6c93f0fa8dae57beb002628c820cb1d048e84bebffa0e26b667b2979cdb116b20d0ba1a84ed1b210721e5e634d1745
-
SSDEEP
12288:luD09AUkNIGBYYv4eK13x13nZHSRVMf139F5wIB7+IwtHwBtVxbesvZDSu+DY7:I09AfNIEYsunZvZ19ZpsS
Score 3/10