Macintosh HD:Users:Shared:dd:4work:Bitdefender-PR-Whitepaper-Remcos-creat5080-en_EN:Bitdefender-PR-Whitepaper-Remcos-creat5080-en_EN.indd
Common Information
Type Value
UUID 0c04c477-79d0-4f7d-b95b-21f55dfb5f85
Fingerprint 1072dafe587ef246358ff3cd673714063fe3ae136294edc9b910b5720dabb483
Analysis status DONE
Considered CTI value 2
Text language
Published Jan. 12, 2021, 4:01 p.m.
Added to db March 12, 2024, 6:29 p.m.
Last updated Aug. 31, 2024, 4:17 a.m.
Detected Hints/Tags/Attributes 124/4/98
Attributes
Details Type #Events CTI Value
Details Email 1
prevencion-covid19-com-co@getresponse-mail.com
Details Email 1
abuse@getresponse-mail.com
Details Email 1
header.i=@getresponse-mail.com
Details Email 1
bounce-119262801@bounce.getresponse-mail.com
Details Email 1
smtp.mailfrom=bounce-119262801@bounce.getresponse
Details File 74
mstsc.exe
Details File 1
sanitarias.exe
Details File 10
extrac32.exe
Details File 533
ntdll.dll
Details File 748
kernel32.dll
Details File 146
wininet.dll
Details File 5
regsvr.exe
Details File 13
logs.dat
Details File 1
remcos-instructions-manual-rev17.pdf
Details IPv4 1
104.160.65.80
Details Threat Actor Identifier - APT 181
APT33
Details Url 1
https://app.getresponse.com/click.html?x=a62b&lc=b7eg5s&mc=99&s=be7a3gg&u=qzvx
Details Url 2
https://attack.mitre.org/software/s0332
Details Url 1
https://breaking-security.net/remcos
Details Url 1
https://breaking-security.net/wp-content/uploads/dlm_uploads/2018/07
Details Url 1
https://www.fortinet.com/blog/threat-research/remcos-a-new-rat-in-the-wild-2
Details Url 3
https://unit42.paloaltonetworks.com/unit42-gorgon-group-slithering-nation-state-cybercrime
Details Url 1
https://malware.news/t/remcos-rat-matroska-like-file-execution/36276