General
-
Target
skibdi riz.exe
-
Size
423KB
-
Sample
241215-t15nnazlay
-
MD5
475de10be3b23fb9aa5788e3f448057f
-
SHA1
5e53ee929938ec1c7a94d90b79dfb7a131260f9d
-
SHA256
8b4ff5c585465a52b93856cfbcaf4ddaf40a2e9083b1c878cfb707e14eb67e62
-
SHA512
bc8ac8252ba5ee0f10d03b71287052318f11e2a10d289ff3c563f52b7b45e40cf0c056fbd1a0ce309bd9358ee681b1fa6581d8546d390ed2a528f6e72789279b
-
SSDEEP
6144:YeghbOV4Asvo/Z+wo6TmTIHnqgKIuTi5gTaWnLLDt1dbWAOaKapXFWbcF5U:YeKbOV4A3ho9IKNti5gT/wUzzWcU
Behavioral task
behavioral1
Sample
skibdi riz.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
skibdi riz.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
Family
remcos
-
Version
3.8.0 Light
-
Botnet
electron
-
C2
204.10.194.175:4444
-
audio_folder
MicRecords
-
audio_record_time
5
-
connect_delay
0
-
connect_interval
1
-
copy_file
WindowsUpdater.exe
-
copy_folder
WindowsUpdater
-
delete_file
true
-
hide_file
true
-
hide_keylog_file
false
-
install_flag
true
-
install_path
%SystemDrive%
-
keylog_crypt
false
-
keylog_file
logs.dat
-
keylog_flag
false
-
keylog_folder
remcos
-
mouse_option
false
-
mutex
Rmc-6PIF7X
-
screenshot_crypt
false
-
screenshot_flag
false
-
screenshot_folder
Screenshots
-
screenshot_path
%AppData%
-
screenshot_time
10
-
startup_value
WindowsUpdater
-
take_screenshot_option
false
-
take_screenshot_time
5
Targets
-
-
Target
skibdi riz.exe
-
Size
423KB
-
MD5
475de10be3b23fb9aa5788e3f448057f
-
SHA1
5e53ee929938ec1c7a94d90b79dfb7a131260f9d
-
SHA256
8b4ff5c585465a52b93856cfbcaf4ddaf40a2e9083b1c878cfb707e14eb67e62
-
SHA512
bc8ac8252ba5ee0f10d03b71287052318f11e2a10d289ff3c563f52b7b45e40cf0c056fbd1a0ce309bd9358ee681b1fa6581d8546d390ed2a528f6e72789279b
-
SSDEEP
6144:YeghbOV4Asvo/Z+wo6TmTIHnqgKIuTi5gTaWnLLDt1dbWAOaKapXFWbcF5U:YeKbOV4A3ho9IKNti5gT/wUzzWcU
Score
3/10
-