General
-
Target
344-32-0x0000000000E10000-0x0000000001E72000-memory.dmp
-
Size
16.4MB
-
Sample
241209-glgl3azpbw
-
MD5
e1134fe2c2f40e31eb007e549ce38019
-
SHA1
d36679e980fa3ff26f4ef3d6301495719872fd32
-
SHA256
48754b6a231daf9e318b02c56a125d8631753eecab061ae4cc2b5c4155ae870d
-
SHA512
d1ad60045ed61b03637efc780096d160280343eb5ff288e33652b33cf85958a2586e56afdb44d2903de7748397015cc5f6d87053db66879f8203cdc280b104f7
-
SSDEEP
6144:Td1N4M/M/QszmdBIz5c89MSdriRAtWoSKegsAOZZnsXNcZ9T4:TTv/WQoEOz+89MStikZs/ZnnT4
Malware Config
Extracted
remcos
RemoteHost
154.216.18.214:2404
-
audio_folder
MicRecords
-
audio_record_time
5
-
connect_delay
0
-
connect_interval
1
-
copy_file
remcos.exe
-
copy_folder
Remcos
-
delete_file
false
-
hide_file
false
-
hide_keylog_file
false
-
install_flag
false
-
keylog_crypt
false
-
keylog_file
logs.dat
-
keylog_flag
false
-
keylog_folder
remcos
-
mouse_option
false
-
mutex
Rmc-AOD6MB
-
screenshot_crypt
false
-
screenshot_flag
false
-
screenshot_folder
Screenshots
-
screenshot_path
%AppData%
-
screenshot_time
10
-
take_screenshot_option
false
-
take_screenshot_time
5
Targets
-
-
Target
344-32-0x0000000000E10000-0x0000000001E72000-memory.dmp
-
Size
16.4MB
-
MD5
e1134fe2c2f40e31eb007e549ce38019
-
SHA1
d36679e980fa3ff26f4ef3d6301495719872fd32
-
SHA256
48754b6a231daf9e318b02c56a125d8631753eecab061ae4cc2b5c4155ae870d
-
SHA512
d1ad60045ed61b03637efc780096d160280343eb5ff288e33652b33cf85958a2586e56afdb44d2903de7748397015cc5f6d87053db66879f8203cdc280b104f7
-
SSDEEP
6144:Td1N4M/M/QszmdBIz5c89MSdriRAtWoSKegsAOZZnsXNcZ9T4:TTv/WQoEOz+89MStikZs/ZnnT4
Score1/10 -