rms | 8ca3242c611791333d60d1ffc9c2ca23b88b13abbd28a4f61093cd07df1957e1 | Triage

Sharing

General

Target

8ca3242c611791333d60d1ffc9c2ca23b88b13abbd28a4f61093cd07df1957e1.exe
Size

2.0MB
Sample

250323-jd1fbaxnt8
MD5

425fd99bc5bdafa9d7b2c58986da806b
SHA1

8d1ae67038f9b22a4845a559f70ade01c2ee05ef
SHA256

8ca3242c611791333d60d1ffc9c2ca23b88b13abbd28a4f61093cd07df1957e1
SHA512

09deba764e49903e2b5344017765827f5dc5867c286b12afca1e825a3cb9e9126c00490432bc5db0a7d36c81c0b65eb4167cacd1cc5e4a9400b628ab5ac30cee
SSDEEP

49152:zf6zWPhbAUmIeePjpMxKzvR9O7PoU4WBcOU7m69oU5O:zfsWN8elMxavmJ4jOU72U5O

Score

10^/10

rms discovery rat trojan

Malware Config

Targets

- Target
  
  8ca3242c611791333d60d1ffc9c2ca23b88b13abbd28a4f61093cd07df1957e1.exe
- Size
  
  2.0MB
- MD5
  
  425fd99bc5bdafa9d7b2c58986da806b
- SHA1
  
  8d1ae67038f9b22a4845a559f70ade01c2ee05ef
- SHA256
  
  8ca3242c611791333d60d1ffc9c2ca23b88b13abbd28a4f61093cd07df1957e1
- SHA512
  
  09deba764e49903e2b5344017765827f5dc5867c286b12afca1e825a3cb9e9126c00490432bc5db0a7d36c81c0b65eb4167cacd1cc5e4a9400b628ab5ac30cee
- SSDEEP
  
  49152:zf6zWPhbAUmIeePjpMxKzvR9O7PoU4WBcOU7m69oU5O:zfsWN8elMxavmJ4jOU72U5O
Score

10^/10

rms discovery rat trojan
- RMS
  Remote Manipulator System (RMS) is a remote access tool developed by Russian organization TektonIT.
  trojan rat rms
- Rms family
  rms
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

rmsdiscoveryrattrojan

behavioral2

rmsdiscoveryrattrojan