Cybercrime, RemcosRAT via bank remittance is back
The 2 attached pdfs, taking advantage of an exploit for the CVE-2017-11882 vulnerability, extract an xls that contacts a url and downloads the malware.
Cybercrime: RemcosRAT campaign via fake bank remittance
The xlsx attachment contains an exe file: the malware itself.
Cybercrime, RemcosRAT campaign via fake RFQ
The 7z email attachment contains an exe file: the malware itself.
Cybercrime, “Purchase order_2022” conveys the new RemcosRAT campaign
The email contains a rar attachment. Inside there is an exe: the malware itself, which activates the chain of infection.
Cybercrime, fake FedEX shipment carries Remcos
The 7z attachment of the email, dated January 11, 2022, contains an exe: the malware itself. This, if opened, activates the infection chain.
Cybercrime, new RemcosRAT campaign via DHL
The email tar attachment contains the malware itself. If opened, it activates the infection chain.
Cybercrime, new Remcos aggressive campaign via DHL
Three different emails in one day with the same xls attachment: the malware itself. The file, if opened, activates the infection chain.
Cybercrime, triple Remcos attack via RFQ
Three emails have different request numbers, but identical text and tar attachment. Inside is an exe: the malware itself.
Cybercrime, Remcos campaign is back via shipping documents
The email tar attachment contains an exe, the malware itself: a RAT with different capabilities.
Cybercrime, new Remcos campaign via purchase orders
The email cab attachment contains an exe: the malware itself. This is a RAT with several capabilities.