all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Unknown TTPs of Remcos RAT

Add to bookmarks
March 26, 2024, 11:26 a.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

Typically spread through malicious attachments, drive-by downloads, or social engineering, Remcos RAT has been active since 2016. Initially presented by BreakingSecurity, a European company, as a legitimate remote control tool, it has since been exploited by threat actors for nefarious purposes, despite claims of restricted access for lawful use.


On analyzing a few samples from VirusTotal, we got one interesting sample which was a .vhd file. Let’s analyze how threat actors have crafted the VHD (Virtual Hard Disk).


 After …

access attachments claims control downloads drive drive-by drive-by downloads engineering exploited malicious malware analysis rat remcos remcos rat remote control restricted social social engineering threat threat actors tool ttps

Visit resource

More from malware.news / Malware Analysis, News and Indicators - Latest topics

New Redline Version: Uses Lua Bytecode, Propagates Through GitHub 7 hours ago | malware.news
bytecode code detect found +12
Cybersecurity firm Darktrace sold to Thoma Bravo for $5.3 billion 19 hours ago | malware.news
acquisition article cybersecurity darktrace +5
Arctic Wolf Recognized as a Leader in Frost & Sullivan Managed Detection and Response Report 20 hours ago | malware.news
amp and response april arctic +20
CVE-2024-29204, CVE-2024-24996: Critical Vulnerabilities in Ivanti Avalanche 20 hours ago | malware.news
april avalanche components critical +19
Showcasing Artwork by Max for Autism Awareness Month 21 hours ago | malware.news
art article artwork autism +6
TikTok, Flowmon, Cisco, Brokewell, RuggedCom, Deepfakes, Non-Competes, Aaran Leyland - SWN #381 21 hours ago | malware.news
article cisco deepfakes flowmon +6
Kaiser Permanente notifies 13.4M patients of potential data exposure 21 hours ago | malware.news
apps article data data exposure +16
Impact of organizational structure on ransomware outcomes: Where does your org fit in? 21 hours ago | malware.news
article challenges core security detection +15
VA is warning veterans about Change Healthcare cyberattack, secretary says 22 hours ago | malware.news
alerting article attack change +14

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Cybersecurity Engineer

@ Booz Allen Hamilton | USA, VA, Arlington (1550 Crystal Dr Suite 300) non-client
View on infosec-jobs.com

Invoice Compliance Reviewer

@ AC Disaster Consulting | Fort Myers, Florida, United States - Remote
View on infosec-jobs.com

Technical Program Manager II - Compliance

@ Microsoft | Redmond, Washington, United States
View on infosec-jobs.com

Head of U.S. Threat Intelligence / Senior Manager for Threat Intelligence

@ Moonshot | Washington, District of Columbia, United States
View on infosec-jobs.com

Customer Engineer, Security, Public Sector

@ Google | Virginia, USA; Illinois, USA
View on infosec-jobs.com
View more jobs