Malware-Traffic-Analysis.net - 2019-09-03 - pcap and malware for an ISC diary (Remcos RAT)

2019-09-03 - PCAP AND MALWARE FOR AN ISC DIARY (REMCOS RAT)

NOTES:

The ISC diary is for Wednesday 2019-09-04: Malspam using password-protected Word docs to push Remcos RAT
Zip files are password-protected. If you don't know the password, look at the "about" page of this website.

ASSOCIATED FILES:

2019-09-03-password-protected-Word-doc-pushes-Remcos-RAT.pcap.zip 568 kB (568,379 bytes)

2019-09-03-password-protected-Word-doc-pushes-Remcos-RAT.pcap (1,274,254 bytes)

2019-09-03-Word-doc-and-Remcos-RAT-malware-and-artifacts.zip 1.3 MB (1,361,909 bytes)

2019-09-03-password-protected-Word-doc-with-macro-for-Remcos-RAT.doc (37,752 bytes)

2019-09-03-macro-from-password-protected-Word-doc.txt (1,618 bytes)

2019-09-03-initial-EXE-retreived-by-Word-macro.exe (1,064,960 bytes)

2019-09-03-Recmos-RAT-persistent-on-infected-host.exe (400,749,569 bytes)

2019-09-03-Windows-regsitry-update-caused-by-Remcos-RAT.txt (1,480 bytes)

Click here to return to the main page.