MalwareBazaar Database
You are currently viewing the MalwareBazaar entry for SHA256 c07d6b1d50f4011321ace28058ddfe1cea863fdbf328ead6075d7b25cba9ace3. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.
Database Entry
RemcosRAT
Vendor detections: 3
| SHA256 hash: | c07d6b1d50f4011321ace28058ddfe1cea863fdbf328ead6075d7b25cba9ace3 |
|---|---|
| SHA3-384 hash: | febb9d25655183a5152bbe6f609e50aadb05826ac154f1e84bbe4e7619d5afb94328b28f5d654fabc6b8d8094c1fb03f |
| SHA1 hash: | 315e73b395513408fdee35bf2f53af2584d328f8 |
| MD5 hash: | 3247775fbb488b5c51521f11332ac9c2 |
| humanhash: | louisiana-mexico-kansas-cold |
| File name: | UPS Detail.img |
| Download: | download sample |
| Signature | RemcosRAT |
| File size: | 1'245'184 bytes |
| First seen: | 2020-10-20 08:32:36 UTC |
| Last seen: | Never |
| File type: | img |
| MIME type: | application/x-iso9660-image |
| ssdeep | 12288:IjLFe0Osk2iNwRLIqKZONDwX01UO1P2jFROZUt:IqF1S0qyp0ojS |
| TLSH | 2145DF7123F89F65E03E57790430A1418FF1A457D7A2D6A97ECC52AE4F26B824B33B12 |
| Reporter |  abuse_ch |
| Tags: | img RAT RemcosRAT UPS |
abuse_ch
Malspam distributing RemcosRAT:HELO: mysmtp3
Sending IP: 40.91.70.93
From: UPS Customer Service <pkinfo@ups.com>
Subject: UPS - Package Arrival Notification
Attachment: UPS Detail.img (contains "lC75W1CoWmAaCKA.exe")
Intelligence
File Origin
# of uploads :
1
# of downloads :
64
Origin country :
n/a
Vendor Threat Intelligence
Detection(s):
Detection(s):
Malicious file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Malicious File
Score:
1.00
File information
The table below shows additional information about this malware sample such as delivery method and external references.
Malspam
exe Dropping
RemcosRAT
Delivery method
Distributed via e-mail attachment
Comments
Login required
You need to login to in order to write a comment. Login with your abuse.ch account.