UnpacMe Weekly: Extractor Updates
This week we have been working through a maintenance sprint focusing on improving core services in UnpacMe. We have also updated several malware configuration extractors such as Azorult & AsyncRat, and added new extractors for LummaStealer and Remcos.
LummaStealer
LummaStealer was first observed in the wild (ITW) in August of 2022. The stealer contains functionality commonly observed in other similar malware families, such as the targeting of cryptocurrency wallets and browser data.
An example of the extracted LummaStealer configuration is shown below.
Remcos
Remcos is a Remote Access Trojan (RAT) that has been around for several years. The malware is often distributed by loaders such as PrivateLoader via large-scale spam campaigns leveraging.
An example of the extracted Remcos configuration is shown below.
As always, if you have any feedback or issues please let us know.
Happy Unpacking!