Cybercrime, Remcos campaign is back via shipping documents

Malware Hunter JAMESWT Technical Analysis

A new Remcos campaign is spreading via shipping documents. The tar attachment in the email contains an exe file: the malware itself. Remcos is a RAT with several capabilities.

The new Remcos campaign uses an “Invoice and Packing List” lure. The tar attachment, distributed in two identical emails sent a short time apart, contains an exe file: the malware itself.

If opened, it activates the chain of infection. Remcos is a cybercrime Remote Access Trojan (RAT) with a wide range of features, such as closely monitoring user activity, recording audio and video content, acquiring credentials, stealing digital currency, downloading additional payloads, and exfiltrating confidential data while evading detection and sandboxes.

Malware C2s

