General
-
Target
1733782507080baec6756496aa00a9de94bd4b6146711872f8ab63e40379ca627825be54c2492.dat-decoded.exe
-
Size
481KB
-
Sample
241209-16sdvaykgp
-
MD5
556ab8a38eb6a909f16a0bae16a68bdf
-
SHA1
0493131f6f552d33bb9c2c83266069ad931d5341
-
SHA256
857eabbcb32012511e0765ed77681e299c8661aa4dd64dee57e4bc9f79737398
-
SHA512
30dc06f0f01dd0a4568d8fad3e868197795c828ee2506a1e188d2c3fe11a2a2a6ebcea3a3d34ef498ec4df03e5f0763ef53fb0d91cbb1337ff6420fc86827107
-
SSDEEP
12288:XuD09AUkNIGBYYv4eK13x13nZHSRVMf139F5wIB7+IwtHwBtVxbesvZDSn+DY:K09AfNIEYsunZvZ19Z4s
Behavioral task
behavioral1
Sample
1733782507080baec6756496aa00a9de94bd4b6146711872f8ab63e40379ca627825be54c2492.dat-decoded.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
1733782507080baec6756496aa00a9de94bd4b6146711872f8ab63e40379ca627825be54c2492.dat-decoded.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
remcos
RemoteHost
nuevodiciembre.duckdns.org:2404
-
audio_folder
MicRecords
-
audio_path
ApplicationPath
-
audio_record_time
5
-
connect_delay
0
-
connect_interval
1
-
copy_file
remcos.exe
-
copy_folder
Remcos
-
delete_file
false
-
hide_file
false
-
hide_keylog_file
false
-
install_flag
false
-
keylog_crypt
false
-
keylog_file
registros.dat
-
keylog_flag
false
-
keylog_folder
remcos
-
mouse_option
false
-
mutex
Rmc-G2XE28
-
screenshot_crypt
false
-
screenshot_flag
false
-
screenshot_folder
Capturas de pantalla
-
screenshot_path
%AppData%
-
screenshot_time
10
-
take_screenshot_option
false
-
take_screenshot_time
5
Targets
-
-
Target
1733782507080baec6756496aa00a9de94bd4b6146711872f8ab63e40379ca627825be54c2492.dat-decoded.exe
-
Size
481KB
-
MD5
556ab8a38eb6a909f16a0bae16a68bdf
-
SHA1
0493131f6f552d33bb9c2c83266069ad931d5341
-
SHA256
857eabbcb32012511e0765ed77681e299c8661aa4dd64dee57e4bc9f79737398
-
SHA512
30dc06f0f01dd0a4568d8fad3e868197795c828ee2506a1e188d2c3fe11a2a2a6ebcea3a3d34ef498ec4df03e5f0763ef53fb0d91cbb1337ff6420fc86827107
-
SSDEEP
12288:XuD09AUkNIGBYYv4eK13x13nZHSRVMf139F5wIB7+IwtHwBtVxbesvZDSn+DY:K09AfNIEYsunZvZ19Z4s
Score 3/10