MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 c3507c427f61711edc73e2ea4fe84bac8c420285ac0d2e160f39c1aa2ffe7557. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



RemcosRAT


Vendor detections: 8



SHA256 hash: c3507c427f61711edc73e2ea4fe84bac8c420285ac0d2e160f39c1aa2ffe7557
SHA3-384 hash: 2fa798592262038e89d4b3eb7cd82a380cab9d9fffecf801b41f49e25fb745579c4f4a6fe15a182ab59b63929a7ce493
SHA1 hash: 3c658b0aa6efe317aba1502e46b44b8962a4655f
MD5 hash: 4b3c318a3747a62ea3d57059b5e35e9c
humanhash: tennis-uniform-spaghetti-pennsylvania
File name: Quotation.uue
Signature RemcosRAT
File size: 475'905 bytes
First seen: 2024-08-14 17:08:23 UTC
Last seen: Never
File type: uue
MIME type: application/x-rar
ssdeep 12288:JMFjS5LETE8wEgc6Z5FMIoJZDN58A2c4S3VK9ZwbjHBj:uS52Qlc6lMIoJZn8A2c4OK9YjHBj
TLSH T14CA4235D4739D7DBF06A59E4E2A2F8CD667C01C633C990945609DBB70BA8638DCB708C
TrID 58.3% (.RAR) RAR compressed archive (v-4.x) (7000/1)
41.6% (.RAR) RAR compressed archive (gen) (5000/1)
Reporter cocaman
Tags: QUOTATION RemcosRAT RFQ uue


cocaman
Malicious email (T1566.001)
From: "info@qiqnx.com" (likely spoofed)
Received: "from mail0.qiqnx.com (mail0.qiqnx.com [193.42.36.137]) "
Date: "12 Aug 2024 22:54:29 -0700"
Subject: "RFQ"
Attachment: "Quotation.uue"

Intelligence


File Origin
# of uploads: 1
# of downloads: 106
Origin country: CH
Vendor Threat Intelligence
Verdict: Malicious
Score: 97.4%
Tags: Discovery Execution Generic Infostealer Network Static Stealth Trojan

Verdict: Likely Malicious
Threat level: 7.5/10
Confidence: 100%
Tags: borland_delphi fingerprint keylogger

Result
Verdict: MALICIOUS
Details
Windows PE Executable
Found a Windows Portable Executable (PE) binary. Depending on context, the presence of a binary is suspicious or malicious.

Threat name: Win32.Trojan.Remcos
Status: Malicious
First seen: 2024-08-13 17:10:24 UTC
File Type: Binary (Archive)
Extracted files: 100
AV detection: 16 of 38 (42.11%)
Threat level: 5/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

RemcosRAT

uue c3507c427f61711edc73e2ea4fe84bac8c420285ac0d2e160f39c1aa2ffe7557

(this sample)

  
Delivery method: Distributed via e-mail attachment
