General
-
Target
17377014046d9bf625c694f5a4b14feb6ac0828ab142b84d7ed2fd8a4ef7925d0064e90408362.dat-decoded.exe
-
Size
482KB
-
Sample
250124-hmgtwsxjar
-
MD5
95052856d13aecd60b1ce85421e781e6
-
SHA1
deb7d436f4f76044a17b3a0f99c1d3f810475635
-
SHA256
08636b2005b38ded72accd100f22051c9ab9e5e072a003af09982affca769771
-
SHA512
0fb086256f0f961b752b9b539e893cdf7a94e1a15f431c1600a325337d23d0995c63cda4b42b317a1d360ad492e12533c7a02361eb110a6fb5bb57f558a96d34
-
SSDEEP
12288:d13ak/mBXTG4/1v08KI7ZnMEF76JqmsvZQWS:3ak/mBXTV/R0nEF76gFZ1
Behavioral task
behavioral1
Sample
17377014046d9bf625c694f5a4b14feb6ac0828ab142b84d7ed2fd8a4ef7925d0064e90408362.dat-decoded.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
17377014046d9bf625c694f5a4b14feb6ac0828ab142b84d7ed2fd8a4ef7925d0064e90408362.dat-decoded.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
remcos
18ENERO
francesdomingueslora09.gleeze.com:1880
-
audio_folder
MicRecords
-
audio_path
ApplicationPath
-
audio_record_time
5
-
connect_delay
0
-
connect_interval
1
-
copy_file
remcos.exe
-
copy_folder
Remcos
-
delete_file
false
-
hide_file
false
-
hide_keylog_file
false
-
install_flag
false
-
keylog_crypt
false
-
keylog_file
logs.dat
-
keylog_flag
false
-
keylog_folder
remcos
-
mouse_option
false
-
mutex
Rmc-FSSQCP
-
screenshot_crypt
false
-
screenshot_flag
false
-
screenshot_folder
Screenshots
-
screenshot_path
%AppData%
-
screenshot_time
10
-
take_screenshot_option
false
-
take_screenshot_time
5
Targets
-
-
Target
17377014046d9bf625c694f5a4b14feb6ac0828ab142b84d7ed2fd8a4ef7925d0064e90408362.dat-decoded.exe
-
Size
482KB
-
MD5
95052856d13aecd60b1ce85421e781e6
-
SHA1
deb7d436f4f76044a17b3a0f99c1d3f810475635
-
SHA256
08636b2005b38ded72accd100f22051c9ab9e5e072a003af09982affca769771
-
SHA512
0fb086256f0f961b752b9b539e893cdf7a94e1a15f431c1600a325337d23d0995c63cda4b42b317a1d360ad492e12533c7a02361eb110a6fb5bb57f558a96d34
-
SSDEEP
12288:d13ak/mBXTG4/1v08KI7ZnMEF76JqmsvZQWS:3ak/mBXTV/R0nEF76gFZ1
Score 3/10
-