General
-
Target
2025-04-05_30236a963d4ba7b9a050852551d339f2_black-basta_luca-stealer_remcos
-
Size
469KB
-
Sample
250405-v4b17avpy9
-
MD5
30236a963d4ba7b9a050852551d339f2
-
SHA1
5488a3c24d2b7663a0a8e9cd84c62c1325ce0f0b
-
SHA256
48da51c691434c68fb19ccd50bfa4b647aae3bd1790fbe696ad30a7a373142a0
-
SHA512
44830968d301476129fc1dae25881418b15fb6c1b87fd7b9a8d98aeb564afef687ba27e44cbab69348553a776fae19fcb8de2020a7b9b3c7076f95fd89881f3f
-
SSDEEP
12288:Omnk7iLJbpIpiRL6I2WFKQ9ZsfZQSHn9:2iLJbpI7I2WHqZ7H9
Behavioral task
behavioral1
Sample
2025-04-05_30236a963d4ba7b9a050852551d339f2_black-basta_luca-stealer_remcos.exe
Resource
win10v2004-20250314-en
Malware Config
Extracted
remcos
ServerT
vtrow.ydns.eu:2404
-
audio_folder
MicRecords
-
audio_record_time
5
-
connect_delay
0
-
connect_interval
1
-
copy_file
conhost.exe
-
copy_folder
Microsoft
-
delete_file
false
-
hide_file
true
-
hide_keylog_file
false
-
install_flag
false
-
keylog_crypt
false
-
keylog_file
logs.dat
-
keylog_flag
false
-
keylog_folder
remcos
-
mouse_option
false
-
mutex
Rmc-OYYBQ1
-
screenshot_crypt
false
-
screenshot_flag
false
-
screenshot_folder
Screenshots
-
screenshot_path
%AppData%
-
screenshot_time
10
-
startup_value
Edge
-
take_screenshot_option
false
-
take_screenshot_time
5
Targets
-
Target
2025-04-05_30236a963d4ba7b9a050852551d339f2_black-basta_luca-stealer_remcos
-
Score
3/10