Cybercrime, RemcosRAT campaign via fake RFQ

RemcosRAT campaign via RFQ. 7z email attachment contains an exe file: the malware itself

A fake Request For Quotation (RFQ) hides a new global RemcosRAT campaign.

The 7z email attachment contains an exe file: the malware itself. Opening it activates the chain of infection. Remcos is a cybercrime Remote Access Trojan (RAT), associated above all with courier-themed phishing campaigns, and it has a wide range of features: closely monitoring user activities, recording audio and video content, stealing credentials and digital currency, downloading additional payloads, and exfiltrating confidential data while avoiding detection and sandboxes.
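A mail-gateway check for the delivery pattern described above, as an added example that is not part of the original article: it classifies attachments by their leading bytes rather than by the claimed extension. The function names, verdict strings, addresses and sample attachments are constructed for illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

SEVENZ_MAGIC = b"7z\xbc\xaf\x27\x1c"  # 6-byte signature at the start of every 7z archive
PE_MAGIC = b"MZ"                      # DOS header that opens a Windows exe

def classify(filename, payload):
    """Classify one attachment by content, ignoring the claimed extension."""
    name = filename.lower()
    if payload.startswith(SEVENZ_MAGIC):
        # Contents are not listed here: 7z headers need a real unpacker,
        # so the archive is held for unpacking in a sandbox.
        disguised = not name.endswith(".7z")
        return "hold-7z-disguised" if disguised else "hold-7z"
    if payload.startswith(PE_MAGIC):
        return "block-exe"
    return "pass"

def triage(raw_message):
    """Return [(filename, verdict)] for every named part of a raw RFC 5322 message."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    results = []
    for part in msg.walk():
        filename = part.get_filename()
        if part.is_multipart() or not filename:
            continue
        payload = part.get_payload(decode=True) or b""
        results.append((filename, classify(filename, payload)))
    return results

def build_sample():
    """Constructed sample: an RFQ-themed mail with harmless stand-in attachments."""
    msg = EmailMessage()
    msg["Subject"] = "RFQ - please quote"
    msg["From"] = "buyer@example.com"
    msg["To"] = "sales@example.org"
    msg.set_content("Please find our request for quotation attached.")
    stub_7z = SEVENZ_MAGIC + b"\x00\x04" + b"\x00" * 24  # signature only, not a real archive
    for name, data in [("RFQ_0001.7z", stub_7z), ("RFQ_0001.pdf", stub_7z),
                       ("specs.txt", b"plain text"), ("quote.exe", PE_MAGIC + b"\x00" * 8)]:
        msg.add_attachment(data, maintype="application", subtype="octet-stream", filename=name)
    return msg.as_bytes()

if __name__ == "__main__":
    for name, verdict in triage(build_sample()):
        print(f"{name}: {verdict}")
```
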

Malware C2
