Overview

overview

10

Static

static

10

2025-04-06...os.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-04-06_edead195ee6460ba5ffe1e917135b241_amadey_black-basta_cobalt-strike_luca-stealer_remcos

  • Size

    482KB

  • Sample

    250406-m6s4gsyrw5

  • MD5

    edead195ee6460ba5ffe1e917135b241

  • SHA1

    e8c516185a638ce66e7275cd20918081146ae4f4

  • SHA256

    fbaff8c9f8d59f51256a6ee95daf95b7f135593227972e2b2195b7e9cef1e5d4

  • SHA512

    ae020d374085ec9c08af191a22d14e535b204ca028ca5cb2534deef588df1ee34f62f38492d3a7465d38e5bc1ca423364cc7474be4071c1d4f7381b61e3ccac5

  • SSDEEP

    12288:RVV3eVPPGw/FvWimk3tTYY5DHeJsvZIHzS:LV3eVPPF/BSY5DHegZY

Score
10/10
remcossecurexdiscovery

Malware Config

Extracted

Family

remcos

Botnet

SecureX

C2

sptx1.dynuddns.com:5469

sptx.supportrmx.xyz:5471
Attributes
  • audio_folder

    MicRecords

  • audio_record_time

    5

  • connect_delay

    0

  • connect_interval

    1

  • copy_file

    remcos.exe

  • copy_folder

    rmcx

  • delete_file

    false

  • hide_file

    true

  • hide_keylog_file

    true

  • install_flag

    false

  • install_path

    %AppData%

  • keylog_crypt

    false

  • keylog_file

    logs.dat

  • keylog_flag

    false

  • keylog_folder

    rmcx

  • keylog_path

    %AppData%

  • mouse_option

    false

  • mutex

    rmcx-ZVZDK8

  • screenshot_crypt

    false

  • screenshot_flag

    false

  • screenshot_folder

    Screenshots

  • screenshot_path

    %AppData%

  • screenshot_time

    10

  • startup_value

    

  • take_screenshot_option

    false

  • take_screenshot_time

    5

Targets

    • Target

      2025-04-06_edead195ee6460ba5ffe1e917135b241_amadey_black-basta_cobalt-strike_luca-stealer_remcos

    • Size

      482KB

    • MD5

      edead195ee6460ba5ffe1e917135b241

    • SHA1

      e8c516185a638ce66e7275cd20918081146ae4f4

    • SHA256

      fbaff8c9f8d59f51256a6ee95daf95b7f135593227972e2b2195b7e9cef1e5d4

    • SHA512

      ae020d374085ec9c08af191a22d14e535b204ca028ca5cb2534deef588df1ee34f62f38492d3a7465d38e5bc1ca423364cc7474be4071c1d4f7381b61e3ccac5

    • SSDEEP

      12288:RVV3eVPPGw/FvWimk3tTYY5DHeJsvZIHzS:LV3eVPPF/BSY5DHegZY

    Score
    3/10
    discovery
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks