General
-
Target
ece85809d230590363da74db6749fccdcc80dbd3f47359e478db0c4e0d6e3010.exe
-
Size
482KB
-
Sample
250207-glm4va1mey
-
MD5
5899106d7ef4bf9c393437fc2851b936
-
SHA1
0693d81f3ef85e8d5820563d7cedd2c54361970f
-
SHA256
ece85809d230590363da74db6749fccdcc80dbd3f47359e478db0c4e0d6e3010
-
SHA512
43144a07e3a2d52ea766d6f1a9b995ec902fd0995e5e1515e70eb135f94483d7fe1423738fe0b11b6e56394c7d53d77dbb0bcbc03cc6fd73ba6e35fd957f4657
-
SSDEEP
12288:J13ak/mBXTG4/1v08KI7ZnMEF76JqmsvZQvS:bak/mBXTV/R0nEF76gFZA
Malware Config
Extracted
remcos
RemoteHost
papersmoneygang.store:2404
-
audio_folder
MicRecords
-
audio_path
ApplicationPath
-
audio_record_time
5
-
connect_delay
0
-
connect_interval
1
-
copy_file
remcos.exe
-
copy_folder
Remcos
-
delete_file
false
-
hide_file
false
-
hide_keylog_file
false
-
install_flag
false
-
keylog_crypt
false
-
keylog_file
logs.dat
-
keylog_flag
false
-
keylog_folder
remcos
-
mouse_option
false
-
mutex
Rmc-LY146B
-
screenshot_crypt
false
-
screenshot_flag
false
-
screenshot_folder
Screenshots
-
screenshot_path
%AppData%
-
screenshot_time
10
-
take_screenshot_option
false
-
take_screenshot_time
5
Targets
-
-
Target
ece85809d230590363da74db6749fccdcc80dbd3f47359e478db0c4e0d6e3010.exe
-
Size
482KB
-
MD5
5899106d7ef4bf9c393437fc2851b936
-
SHA1
0693d81f3ef85e8d5820563d7cedd2c54361970f
-
SHA256
ece85809d230590363da74db6749fccdcc80dbd3f47359e478db0c4e0d6e3010
-
SHA512
43144a07e3a2d52ea766d6f1a9b995ec902fd0995e5e1515e70eb135f94483d7fe1423738fe0b11b6e56394c7d53d77dbb0bcbc03cc6fd73ba6e35fd957f4657
-
SSDEEP
12288:J13ak/mBXTG4/1v08KI7ZnMEF76JqmsvZQvS:bak/mBXTV/R0nEF76gFZA
Score3/10 -