MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 048730f83e459194bb327fbe22a255d5c19164b535cfc911c30bc207d1c97d36. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


RemcosRAT


Vendor detections: 2


Intelligence 2 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 048730f83e459194bb327fbe22a255d5c19164b535cfc911c30bc207d1c97d36
SHA3-384 hash: d72c08052ce31fb29b229a6a9a99985520c3755fd7c2a3877c43cafff6aa841fc73a04980feaa1ca2c117ecb006bd325
SHA1 hash: 1f704e0d4098fb7825679f01059e3a0905ce7be6
MD5 hash: 8c4625301f60faf086c3942eeb6eb235
humanhash: double-fix-oklahoma-hot
File name:Acuerdo De Pago_08412577907_583208_498901018085408841199_01976928_03291424434610_210182491400482.tgz
Download: download sample
Signature RemcosRAT
Create hunting rule
File size:401'292 bytes
First seen:2020-10-16 12:22:49 UTC
Last seen:Never
File type: rar
MIME type:application/x-rar
ssdeep 6144:aqZjHlkIn+5RlCmhVK7syM030GqozOyYjS7cd84o2fhdlN5hbBov90p9mAxI1wR+:aShEosyM0K2AdnXNXtoxCI1p
TLSH 0C84232E12900857294CDC8E8E32993D9DAB50B5F7977F21C1C9B3A5F976B070B9827C
Reporter abuse_ch
Tags:Outlook RAT RemcosRAT tgz


Avatar
abuse_ch
Malspam distributing RemcosRAT:

HELO: NAM02-CY1-obe.outbound.protection.outlook.com
Sending IP: 40.92.4.80
From: pedro paloma <molinosdeviento_@outlook.com>
Subject: COBRO JURIDICO SERFINANZA
Attachment: Acuerdo De Pago_08412577907_583208_498901018085408841199_01976928_03291424434610_210182491400482.tgz (contains "Acuerdo De Pago_08412577907_583208_498901018085408841199_01976928_03291424434610_210182491400482_pdf.exe")

Intelligence

File Origin
# of uploads :
1
# of downloads :
82
Origin country :
n/a
Vendor Threat Intelligence
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/048730f83e459194bb327fbe22a255d5c19164b535cfc911c30bc207d1c97d36/
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=asdtb6b6iwizjozsp67cfisv2xazczfvgxh4seodbpbapuojpu3a._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/048730f83e459194bb327fbe22a255d5c19164b535cfc911c30bc207d1c97d36

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

RemcosRAT

rar 048730f83e459194bb327fbe22a255d5c19164b535cfc911c30bc207d1c97d36

(this sample)

RemcosRAT

Executable exe ef83d81d11a67e30b60aee43b96466b0c372d4db23fb1d1cafc8757b2393581b

  
Dropping
MD5 732ff39e0ac42fdb758e51fda77caf7c
  
Dropping
RemcosRAT
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 ef83d81d11a67e30b60aee43b96466b0c372d4db23fb1d1cafc8757b2393581b

Comments