2019-09-03 - PCAP AND MALWARE FOR AN ISC DIARY (REMCOS RAT)
NOTES:
- The ISC diary is for Wednesday 2019-09-04: Malspam using password-protected Word docs to push Remcos RAT
- Zip files are password-protected. If you don't know the password, look at the "about" page of this website.
ASSOCIATED FILES:
- 2019-09-03-password-protected-Word-doc-pushes-Remcos-RAT.pcap.zip 568 kB (568,379 bytes)
- 2019-09-03-password-protected-Word-doc-pushes-Remcos-RAT.pcap   (1,274,254 bytes)
- 2019-09-03-Word-doc-and-Remcos-RAT-malware-and-artifacts.zip 1.3 MB (1,361,909 bytes)
- 2019-09-03-password-protected-Word-doc-with-macro-for-Remcos-RAT.doc   (37,752 bytes)
- 2019-09-03-macro-from-password-protected-Word-doc.txt   (1,618 bytes)
- 2019-09-03-initial-EXE-retreived-by-Word-macro.exe   (1,064,960 bytes)
- 2019-09-03-Recmos-RAT-persistent-on-infected-host.exe   (400,749,569 bytes)
- 2019-09-03-Windows-regsitry-update-caused-by-Remcos-RAT.txt   (1,480 bytes)
Click here to return to the main page.