rms | 933c2c61a8facd00921e5c1dd32ef4e28ce207024f7a7645a2ff011dd7934f39 | Triage

Sharing

General

Target

933c2c61a8facd00921e5c1dd32ef4e28ce207024f7a7645a2ff011dd7934f39N.exe
Size

2.0MB
Sample

250323-abm8jatwgx
MD5

c7dfbd56245199ddbcf753ce25171980
SHA1

57957b930ff5623aa6db5dbff1c3dcdab45309d8
SHA256

933c2c61a8facd00921e5c1dd32ef4e28ce207024f7a7645a2ff011dd7934f39
SHA512

a28df5ededa594e0af24aa67bba26e71532bd6ebc617ea10ec3c087771e37650dd5751614b7d41b9c58a403e81cc61b5cf90014ea05d21d0feac1c4fc48f1d28
SSDEEP

49152:zf6zWPhbAUmIeePjpMxKzvR9O7PoU4WBcOU7m69oU5e:zfsWN8elMxavmJ4jOU72U5e

Score

10^/10

rms discovery rat trojan

Malware Config

Targets

- Target
  
  933c2c61a8facd00921e5c1dd32ef4e28ce207024f7a7645a2ff011dd7934f39N.exe
- Size
  
  2.0MB
- MD5
  
  c7dfbd56245199ddbcf753ce25171980
- SHA1
  
  57957b930ff5623aa6db5dbff1c3dcdab45309d8
- SHA256
  
  933c2c61a8facd00921e5c1dd32ef4e28ce207024f7a7645a2ff011dd7934f39
- SHA512
  
  a28df5ededa594e0af24aa67bba26e71532bd6ebc617ea10ec3c087771e37650dd5751614b7d41b9c58a403e81cc61b5cf90014ea05d21d0feac1c4fc48f1d28
- SSDEEP
  
  49152:zf6zWPhbAUmIeePjpMxKzvR9O7PoU4WBcOU7m69oU5e:zfsWN8elMxavmJ4jOU72U5e
Score

10^/10

rms discovery rat trojan
- RMS
  Remote Manipulator System (RMS) is a remote access tool developed by Russian organization TektonIT.
  trojan rat rms
- Rms family
  rms
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

rmsdiscoveryrattrojan

behavioral2

rmsdiscoveryrattrojan