Page 86 - Cyber Defense eMagazine October 2023
The sample we investigated in this report (Riotgames.exe: 5379d703170770355efdbce86dcdb1d3) is
Remcos RAT and was downloaded from a server hosted at IP “141[.]95[.]16[.]111”.
Constant Discovery and OSINT Insights:
According to the OSINT investigation, IPs/URLs that host Remcos RAT and deliver such malicious
payloads to infected machines are constantly reported by independent researchers, and such discoveries
have increased in the past two months. The following are several URLs/IPs, identified through OSINT
investigation, that host Remcos RAT, GuLoader and other malicious files.
This month, several new IPs were reported hosting Remcos RAT.
Copyright © 2023, Cyber Defense Magazine. All rights reserved worldwide.