General
-
Target
release.exe
-
Size
423KB
-
Sample
241215-sdmznazken
-
MD5
be4cbe10f071b583895eb48b532e837a
-
SHA1
cf7fe65594aa9d74a23b35cb608c01e6a7912014
-
SHA256
610f0ac7f61d0e450281941a5476f6316fa14ddd6fd06210029905246b56b0ef
-
SHA512
7fbe0c286bebc18db0e46f17757ce824b643856d2d647eef8e9ec1d66c5af145bfdbac4904c2f494d1d6e4480fd96aaa7de7c66bfd1083c2d3a841c08b42e47a
-
SSDEEP
6144:YeghbOV4Asvo/Z+wo6TmTIHnqgKIuTi5gTaWnLLDt1dbWAOaKapXFWbcF5U:YeKbOV4A3ho9IKNti5gT/wUzzWYU
Behavioral task
behavioral1
Sample
release.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
remcos
3.8.0 Light
electron
204.10.194.175:4444
-
audio_folder
MicRecords
-
audio_record_time
5
-
connect_delay
0
-
connect_interval
1
-
copy_file
WindowsUpdater.exe
-
copy_folder
WindowsUpdater
-
delete_file
true
-
hide_file
true
-
hide_keylog_file
false
-
install_flag
true
-
install_path
%SystemDrive%
-
keylog_crypt
false
-
keylog_file
logs.dat
-
keylog_flag
false
-
keylog_folder
remcos
-
mouse_option
false
-
mutex
Rmc-KV6OTY
-
screenshot_crypt
false
-
screenshot_flag
false
-
screenshot_folder
Screenshots
-
screenshot_path
%AppData%
-
screenshot_time
10
-
startup_value
WindowsUpdater
-
take_screenshot_option
false
-
take_screenshot_time
5
Targets
-
-
Target
release.exe
-
Size
423KB
-
MD5
be4cbe10f071b583895eb48b532e837a
-
SHA1
cf7fe65594aa9d74a23b35cb608c01e6a7912014
-
SHA256
610f0ac7f61d0e450281941a5476f6316fa14ddd6fd06210029905246b56b0ef
-
SHA512
7fbe0c286bebc18db0e46f17757ce824b643856d2d647eef8e9ec1d66c5af145bfdbac4904c2f494d1d6e4480fd96aaa7de7c66bfd1083c2d3a841c08b42e47a
-
SSDEEP
6144:YeghbOV4Asvo/Z+wo6TmTIHnqgKIuTi5gTaWnLLDt1dbWAOaKapXFWbcF5U:YeKbOV4A3ho9IKNti5gT/wUzzWYU
Score3/10 -