Remcos2

Remcos RAT Breaking-Security. SCAN DOC LOI RAR lure. svch0st typosquat PDB. Boost C++ Crypto++. NtQuerySemaphore.

Threat Profile
Type RAT
Programming Language C++
C2 Protocol TCP/RC4
First Seen 2016
Targets Global
Purpose / Capabilities
  • Remote Access+Keylogger
No C2 servers have been identified for this family yet.

Research Reports (1)

High

Remcos -- SCAN DOC LOI.r00 RAR Lure, svch0st.877.exe PDB, AbbsChevis@protonmail.com, NtQuerySemaphore | High

Remcos 1.2MB SCAN DOC LOI.r00 RAR first volume lure. PDB svch0st.877.exe svchost typosquat. AbbsChevis@protonmail.com. NtQuerySemaphore.
