Remcos2
Remcos RAT Breaking-Security. SCAN DOC LOI RAR lure. svch0st typosquat PDB. Boost C++ Crypto++. NtQuerySemaphore.
Threat Profile
Type: RAT
Programming Language: C++
C2 Protocol: TCP/RC4
First Seen: 2016
Targets
Global
Purpose / Capabilities
- Remote Access+Keylogger
No C2 servers have been identified for this family yet.
Research Reports (1)
Remcos -- SCAN DOC LOI.r00 RAR Lure, svch0st.877.exe PDB, AbbsChevis@protonmail.com, NtQuerySemaphore | High
Remcos 1.2MB SCAN DOC LOI.r00 RAR first volume lure. PDB svch0st.877.exe svchost typosquat. AbbsChevis@protonmail.com. NtQuerySemaphore.