Remcos RAT – Lost in Security (and mostly everything else)

Posts tagged "Remcos RAT"

2022-05-13 Quick Remcos Deobfusction

Herbie Zimmerman May 17, 2022 May 17, 2022Code 0

Summary ========= Decided that I would take a crack at trying to deobfuscate the VBScript that was in a sample of Remcos malspam since I haven’t been doing it for a long while. The VBScript can be found over at Any.Run inside a zip file (malspam attachment). I’ll do a…

2018-02-17 Remcos RAT from malspam

Herbie Zimmerman February 18, 2018 February 18, 2018Packet Analysis 0

Earlier this morning I came across some emails that had a subject line that caught my attention. They were all from the same sender and all of them had the same maldoc attached to them. From what I can tell this looks to be related to the REMCOS RAT as…