General
-
Target
2025-04-05_1a6735d95aaf0063aa4e8e5cf51fc662_amadey_black-basta_luca-stealer_remcos_smoke-loader
-
Size
431KB
-
Sample
250405-2h4bwaw1cv
-
MD5
1a6735d95aaf0063aa4e8e5cf51fc662
-
SHA1
46f69876a9096579981d57f31645c89a922b9dcc
-
SHA256
b2e60d3efcf48bdc3f3c3a476de2a71d3a29728bffa7f04f0f1f4114eaaff465
-
SHA512
7a3c7c7e0b2c380ab27d5aca70d520b5429493ce2a3240a46fb45fce1d809c8a3949cec5a5c7064845cbd09349954bfce22f4ff74c9cbdfc5405633e3f3f41be
-
SSDEEP
6144:PIdUXq44bq4LrqMUz2y6cdjJ4nCb0KhEekcdK5xAO2ujXapSc3kou:PIdU6tdyDJZQKhEe7WAuWpmou
Malware Config
Extracted
remcos
6.1.1 Light
svchost.exe
66.113.31.17:7547
-
audio_folder
MicRecords
-
audio_path
ApplicationPath
-
audio_record_time
5
-
connect_delay
0
-
connect_interval
1
-
copy_file
remcos.exe
-
copy_folder
Remcos
-
delete_file
false
-
hide_file
false
-
hide_keylog_file
false
-
install_flag
false
-
keylog_crypt
false
-
keylog_file
logs.dat
-
keylog_flag
false
-
keylog_folder
remcos
-
mouse_option
false
-
mutex
N687gfdzT-LNKK1Z
-
screenshot_crypt
false
-
screenshot_flag
false
-
screenshot_folder
Screenshots
-
screenshot_path
%AppData%
-
screenshot_time
10
-
take_screenshot_option
false
-
take_screenshot_time
5
Targets
-
-
Target
2025-04-05_1a6735d95aaf0063aa4e8e5cf51fc662_amadey_black-basta_luca-stealer_remcos_smoke-loader
-
Size
431KB
-
MD5
1a6735d95aaf0063aa4e8e5cf51fc662
-
SHA1
46f69876a9096579981d57f31645c89a922b9dcc
-
SHA256
b2e60d3efcf48bdc3f3c3a476de2a71d3a29728bffa7f04f0f1f4114eaaff465
-
SHA512
7a3c7c7e0b2c380ab27d5aca70d520b5429493ce2a3240a46fb45fce1d809c8a3949cec5a5c7064845cbd09349954bfce22f4ff74c9cbdfc5405633e3f3f41be
-
SSDEEP
6144:PIdUXq44bq4LrqMUz2y6cdjJ4nCb0KhEekcdK5xAO2ujXapSc3kou:PIdU6tdyDJZQKhEe7WAuWpmou
Score3/10 -