Port 22

Analysis: New Remcos RAT Arrives Via Phishing Email

In July, we came across a phishing email purporting to be a new order notification, which contains a malicious attachment that leads to the remote access tool Remcos RAT (detected by Trend Micro as BKDR_SOCMER.SM). This attack delivers Remcos using an AutoIT wrapper that incorporates various obfuscation and anti-debugging techniques to evade detection, which is a common method for distributing known malware.

The post Analysis: New Remcos RAT Arrives Via Phishing Email appeared first on .