Technical analysis by the Malware Hunter JAMESWT

RemcosRAT campaign via fake bank remittance. The xlsx attachment contains an exe file: the malware itself

A false bank remittance is the lure of a new RemcosRAT campaign.

The xlsx attachment contains an exe file: the malware itself. This, if open, activates the chain of infection. Remcos is a cybercrime Remote Access Trojan (RAT), associated above all with courier-themed phishing campaigns and with a wide range of features: such as closely monitoring user activities, recording audio and video content, credentials, digital currency theft, download of additional payloads and exfiltration of confidential data avoiding detection and sandboxes.

Malware C2