MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 08c2a762cd4e60e50671061f4fc4789c5d54bf530402c857f335cc8801134277. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


RemcosRAT


Vendor detections: 2


Intelligence 2 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 08c2a762cd4e60e50671061f4fc4789c5d54bf530402c857f335cc8801134277
SHA3-384 hash: a15e1e948e694a1d46725e381ac90eed7585bf515152011c31f88f745dbc35ac68cc629977c857424771564e76937c92
SHA1 hash: 7d41232ce773a268041b9f128153fefba792df98
MD5 hash: 0d28d34c98be7a043f48ee115546dfb6
humanhash: arkansas-alabama-london-orange
File name:Cobro Juridico_05753020224_69176802_55490852084492_175417831_643403628287283693_1555820430.tgz
Download: download sample
Signature RemcosRAT
Create hunting rule
File size:590'632 bytes
First seen:2020-11-20 07:53:07 UTC
Last seen:Never
File type: rar
MIME type:application/x-rar
ssdeep 12288:QOB4sgfoz84suBbALMJEIeVZZit3Ib/eN1L8f7seun/CsD6WBH6Km+:nsozouBTuit3IbsLQ7hunzWWp1
TLSH 66C423D312D1B5AE33AE1B71C5628288F794851543E12F50EC5A9E30F3E4B96BA3F381
Reporter abuse_ch
Tags:Outlook RAT RemcosRAT tgz


Avatar
abuse_ch
Malspam distributing RemcosRAT:

HELO: NAM02-SN1-obe.outbound.protection.outlook.com
Sending IP: 40.92.5.39
From: patricia garcia montoya <patriciagarciaconta@hotmail.com>
Subject: COBRO JURIDICO SERFINANZA.
Attachment: Cobro Juridico_05753020224_69176802_55490852084492_175417831_643403628287283693_1555820430.tgz (contains "Cobro Juridico_05753020224_69176802_55490852084492_175417831_643403628287283693_1555820430_pdf.exe")

RemcosRAT C2:
databasepropersonombrecomercialideasearchwords.services:7580 (186.169.53.6)

Intelligence

File Origin
# of uploads :
1
# of downloads :
132
Origin country :
n/a
Vendor Threat Intelligence
Result
Gathering data
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/08c2a762cd4e60e50671061f4fc4789c5d54bf530402c857f335cc8801134277/
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=bdbkoywnjzqokbtraypu7rdytrovjp2taqbmqv7tgxgiqaitij3q._file
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

RemcosRAT

rar 08c2a762cd4e60e50671061f4fc4789c5d54bf530402c857f335cc8801134277

(this sample)

RemcosRAT

Executable exe 58d5f679e704a0814342eb3a02eaf780d737c6456e5ae070986330db2fa6dd18

  
Dropping
MD5 18e3fea0d66181dede5cefb6bcd9b6cb
  
Dropping
RemcosRAT
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 58d5f679e704a0814342eb3a02eaf780d737c6456e5ae070986330db2fa6dd18

Comments