General
-
Target
c0a79dc0d3f50d082eafa258547e91272561c34af0f087fc9447b059dda4e8be
-
Size
84KB
-
Sample
250324-zmxc1syq19
-
MD5
2ecf5ed3b66fc45b8d1d1a7a518ae597
-
SHA1
5c21d162011e4f9c9e20e3a41c7c12c2b22d936c
-
SHA256
c0a79dc0d3f50d082eafa258547e91272561c34af0f087fc9447b059dda4e8be
-
SHA512
f108764e9f32973812d13c8038222f86af8e115118887570771c56ccf6c4a07071d7d97ed293f0814c7981a14915d167e35fd8ed5043f18e4e170f6bce8f2b57
-
SSDEEP
1536:qpNEsaeiQl8TIqytzRJl+uiNuI7FFCPBsZcOzq1T35T/tWLeILtVo8V:qpNEaiQl2qouiNdFFCiZcOz+TJ/2eAt
Malware Config
Extracted
remcos
2.2.0 Light
Test
172.16.18.246:2404
-
audio_folder
MicRecords
-
audio_path
%AppData%
-
audio_record_time
5
-
connect_delay
0
-
connect_interval
3
-
copy_file
remcos.exe
-
copy_folder
remcos
-
delete_file
false
-
hide_file
false
-
hide_keylog_file
false
-
install_flag
false
-
install_path
%AppData%
-
keylog_crypt
false
-
keylog_file
logs.dat
-
keylog_flag
false
-
keylog_folder
remcos
-
keylog_path
%AppData%
-
mouse_option
false
-
mutex
Remcos-KYI8EE
-
screenshot_crypt
false
-
screenshot_flag
false
-
screenshot_folder
Screenshots
-
screenshot_path
%AppData%
-
screenshot_time
10
-
startup_value
remcos
-
take_screenshot_option
false
-
take_screenshot_time
5
Targets
-
-
Target
c0a79dc0d3f50d082eafa258547e91272561c34af0f087fc9447b059dda4e8be
-
Size
84KB
-
MD5
2ecf5ed3b66fc45b8d1d1a7a518ae597
-
SHA1
5c21d162011e4f9c9e20e3a41c7c12c2b22d936c
-
SHA256
c0a79dc0d3f50d082eafa258547e91272561c34af0f087fc9447b059dda4e8be
-
SHA512
f108764e9f32973812d13c8038222f86af8e115118887570771c56ccf6c4a07071d7d97ed293f0814c7981a14915d167e35fd8ed5043f18e4e170f6bce8f2b57
-
SSDEEP
1536:qpNEsaeiQl8TIqytzRJl+uiNuI7FFCPBsZcOzq1T35T/tWLeILtVo8V:qpNEaiQl2qouiNdFFCiZcOz+TJ/2eAt
Score3/10 -