2019-09-03 - PCAP AND MALWARE FOR AN ISC DIARY (REMCOS RAT)
NOTICE:
- The zip archives on this page have been updated, and they now use the new password scheme. For the new password, see the "about" page of this website.
REFERENCE:
- The associated ISC diary is Malspam using password-protected Word docs to push Remcos RAT.
ASSOCIATED FILES:
- 2019-09-03-password-protected-Word-doc-pushes-Remcos-RAT.pcap.zip 568 kB (568,379 bytes)
- 2019-09-03-password-protected-Word-doc-pushes-Remcos-RAT.pcap   (1,274,254 bytes)
- 2019-09-03-Word-doc-and-Remcos-RAT-malware-and-artifacts.zip 1.36 MB (1,362,721 bytes)
- 2019-09-03-password-protected-Word-doc-with-macro-for-Remcos-RAT.doc   (37,752 bytes)
- 2019-09-03-macro-from-password-protected-Word-doc.txt   (1,618 bytes)
- 2019-09-03-initial-EXE-retreived-by-Word-macro.exe   (1,064,960 bytes)
- 2019-09-03-Recmos-RAT-persistent-on-infected-host.exe   (400,749,569 bytes)
- 2019-09-03-Windows-regsitry-update-caused-by-Remcos-RAT.txt   (1,480 bytes)
Click here to return to the main page.