Related blog content
New macro-less technique to distribute malware
Backdoor.Remcos is Malwarebytes’ detection name for a family of Backdoor Trojans that allow remote access and control over the affected system.
Backdoor.Remcos is a Remote Administration Tool (RAT).
Backdoor.Remcos can arrive as a malicious email attachment or be downloaded by other malware.
Backdoor.Remcos gives the threat actor full control over the infected system and allows them to run keyloggers and surveillance (audio + screenshots) mode. This means:
Malwarebytes protects users from Backdoor.Remcos by using real-time protection.
Malwarebytes can detect and remove Backdoor.Remcos without further user interaction.
You can use the Malwarebytes Anti-Malware Nebula console to scan endpoints.
Choose the Scan + Quarantine option. Afterwards you can check the Detections page to see which threats were found.
On the Quarantine page you can see which threats were quarantined and restore them if necessary.
Folder:
%Appdata%\remcos\logs.dat
C&C:
remcos2.legacyrealestateadvisors.net
remcos.legacyrealestateadvisors.net
Select your language