General
-
Target
a370eacabf4af9caa5502c39b40c95eda6be23666231e24da1b56277a222f3e9.exe
-
Size
92KB
-
Sample
241217-eq3c8a1mdl
-
MD5
6f6137e6f85dc8dac7ff87ca4c86af4c
-
SHA1
fc047ad39f8f2f57fa6049e1883ccab24bea8f82
-
SHA256
a370eacabf4af9caa5502c39b40c95eda6be23666231e24da1b56277a222f3e9
-
SHA512
2a3d60bac0a40730b49d361d13000115539c448ef1ecbbffafa22ebe78fc9009db0846e84e7f3c3526d22d5531cedddae8fae7678f453e48876581824cd9dea4
-
SSDEEP
1536:ohhW0YTGZWdVseJxaM9kraLdV2QkQ1TbPX8IHOCkIsI4ESHNTh9E+JP19qkP60rq:uhzYTGWVvJ8f2v1TbPzuMsIFSHNThy+O
Malware Config
Extracted
remcos
1.7 Pro
Host
tr3.localto.net:40505
-
audio_folder
audio
-
audio_path
%AppData%
-
audio_record_time
5
-
connect_delay
0
-
connect_interval
5
-
copy_file
remcos.exe
-
copy_folder
remcos
-
delete_file
false
-
hide_file
false
-
hide_keylog_file
false
-
install_flag
false
-
install_path
%AppData%
-
keylog_crypt
false
-
keylog_file
logs.dat
-
keylog_flag
false
-
keylog_folder
remcos
-
keylog_path
%AppData%
-
mouse_option
false
-
mutex
remcos_yxflxtczmk
-
screenshot_crypt
false
-
screenshot_flag
false
-
screenshot_folder
Screens
-
screenshot_path
%AppData%
-
screenshot_time
1
-
startup_value
remcos
-
take_screenshot_option
false
-
take_screenshot_time
5
Targets
-
-
Target
a370eacabf4af9caa5502c39b40c95eda6be23666231e24da1b56277a222f3e9.exe
-
Size
92KB
-
MD5
6f6137e6f85dc8dac7ff87ca4c86af4c
-
SHA1
fc047ad39f8f2f57fa6049e1883ccab24bea8f82
-
SHA256
a370eacabf4af9caa5502c39b40c95eda6be23666231e24da1b56277a222f3e9
-
SHA512
2a3d60bac0a40730b49d361d13000115539c448ef1ecbbffafa22ebe78fc9009db0846e84e7f3c3526d22d5531cedddae8fae7678f453e48876581824cd9dea4
-
SSDEEP
1536:ohhW0YTGZWdVseJxaM9kraLdV2QkQ1TbPX8IHOCkIsI4ESHNTh9E+JP19qkP60rq:uhzYTGWVvJ8f2v1TbPzuMsIFSHNThy+O
Score3/10 -