Overview

overview

10

Static

static

3

Remcos Pro...22.zip

windows11-21h2-x64

1

LICENSE

windows11-21h2-x64

1

Remcos Pro...le.ini

windows11-21h2-x64

3

Remcos Pro...22.exe

windows11-21h2-x64

10

Remcos Pro...gs.ini

windows11-21h2-x64

3

Analysis

  • max time kernel
    24s
  • platform
    windows11-21h2_x64
  • resource
    win11-20241007-en
  • resource tags

    arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    03-01-2025 19:03

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Remcos Professional Cracked By Alcatraz3222.zip

  • Size

    17.3MB

  • MD5

    ea3fd7407073aae0205a02f10c1f826f

  • SHA1

    aeb5a674da5bbdea4e1b42470e6e059b730b88a6

  • SHA256

    bdb96b7a1a75fa4f56d1b1f922d80f029c12df21df49cbbfd1f2a3175d604195

  • SHA512

    bf69f80a585eed54b599cb5adf285ca0576650b275daef6e502eae2d564906950cb4a13821b67325bc1c2ba0ca6436401f562c279cc42d3590e0f8becfec028f

  • SSDEEP

    393216:2+Y8LpIcxbEWd4rSrwcJY2sG1l/TTwizV1iBLzCoa+++OvPrTy:/yMwWqrXc+G1l7TwiRI9z8++TTy

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 3 IoCs
  • Suspicious use of FindShellTrayWindow 2 IoCs

Processes

  • C:\Program Files\7-Zip\7zFM.exe
    "C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\Remcos Professional Cracked By Alcatraz3222.zip"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    PID:5544

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads