
Cybercrime: RemcosRAT campaign via fake bank remittance

Technical analysis by the Malware Hunter JAMESWT

RemcosRAT campaign via fake bank remittance. The xlsx attachment contains an exe file: the malware itself

A fake bank remittance is the lure of a new RemcosRAT campaign.

 

The xlsx attachment contains an exe file: the malware itself. If opened, it triggers the infection chain. Remcos is a cybercrime Remote Access Trojan (RAT), associated above all with courier-themed phishing campaigns. It has a wide range of features, such as closely monitoring user activity, recording audio and video, stealing credentials and digital currency, downloading additional payloads, and exfiltrating confidential data while evading detection and sandboxes.
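A mail-gateway triage check for the point above that the xlsx attachment carries an executable, added here as an example and not taken from the original analysis. It goes slightly beyond the text by looking for a PE image both in the raw attachment bytes (an exe merely renamed to .xlsx) and inside every member of a genuine OOXML ZIP container. The sample workbook, its member names and the 50 MiB limit are constructed assumptions.

```python
import io
import struct
import zipfile

MAX_MEMBER = 50 * 1024 * 1024  # assumption: skip members larger than 50 MiB


def find_pe_offsets(data: bytes) -> list[int]:
    """Offsets in data where a DOS header points at a valid PE signature."""
    hits, pos = [], data.find(b"MZ")
    while pos != -1:
        if pos + 0x40 <= len(data):
            # e_lfanew at 0x3C of the DOS header locates the "PE\0\0" signature
            (e_lfanew,) = struct.unpack_from("<I", data, pos + 0x3C)
            sig = pos + e_lfanew
            # heuristic bound: real images keep e_lfanew small
            if 0 < e_lfanew < 0x1000 and data[sig:sig + 4] == b"PE\0\0":
                hits.append(pos)
        pos = data.find(b"MZ", pos + 1)
    return hits


def triage_xlsx(blob: bytes) -> list[tuple[str, int]]:
    """(location, offset) for every PE image in the attachment or its ZIP members."""
    findings = [("<attachment bytes>", off) for off in find_pe_offsets(blob)]
    if zipfile.is_zipfile(io.BytesIO(blob)):
        with zipfile.ZipFile(io.BytesIO(blob)) as zf:
            for info in zf.infolist():
                if info.file_size <= MAX_MEMBER:
                    findings += [(info.filename, off)
                                 for off in find_pe_offsets(zf.read(info))]
    return findings


def build_constructed_sample(with_pe: bool) -> bytes:
    """Constructed test workbook; the 'PE' is an inert header stub, not malware."""
    stub = bytearray(0x40)
    stub[0:2] = b"MZ"
    struct.pack_into("<I", stub, 0x3C, 0x40)  # e_lfanew -> right after the stub
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("xl/workbook.xml", "<workbook/>")
        if with_pe:
            zf.writestr("xl/embeddings/oleObject1.bin",
                        b"\x01" * 16 + bytes(stub) + b"PE\0\0" + bytes(20))
    return buf.getvalue()


if __name__ == "__main__":
    print(triage_xlsx(build_constructed_sample(with_pe=True)))
```

Any hit is a reason to quarantine the message for analysis; password-protected ZIP members are not handled here and should be treated as suspicious on their own.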

Malware C2
