REMCOS
RAT, 6 mutex signatures
[BASIC_INFORMATION]
FAMILY_NAME:
REMCOS
CATEGORY:
RAT
DESCRIPTION:
REMCOS is a commercial Remote Access Trojan (RAT) that has been sold since 2016. While marketed as a legitimate tool for remote administration, it is widely used by malicious actors for surveillance and unauthorized control of compromised systems.
ALIASES:
REMCOS RAT, Backdoor:Win32/Remcos
TAGS:
remote_access, commercial_RAT, keylogging, infostealer, c2
[MUTEX_SIGNATURES] (6)
[MUTEX_01]
MARE_IS_BEAUTIFUL_EX
ANALYST: @adhikara13 DATE: 2024-08-01
[MUTEX_02]
Rmc-<uniqueid>
ANALYST: @adhikara13 DATE: 2024-08-01
[MUTEX_03]
Remcos_Mutex_Inj
ANALYST: @adhikara13 DATE: 2024-08-01
[MUTEX_04]
remcos_<uniqueid>
ANALYST: @adhikara13 DATE: 2024-08-01
[MUTEX_05]
Remcos-<uniqueid>
ANALYST: @adhikara13 DATE: 2024-08-01
[MUTEX_06]
Mutex_RemWatchdog
ANALYST: @adhikara13 DATE: 2024-12-19
[THREAT_INTELLIGENCE]
ATTRIBUTION:
Unknown
FIRST_OBSERVED:
2016
[STATISTICS]
MUTEX_COUNT:6
THREAT_ACTORS:1
ALIASES:2
TAGS:5
CATEGORY:RAT