This article was originally published on ThreatChain — decentralized threat intelligence. For $58 on a hacking forum, anyone can buy full remote control of your computer. Camera, keyboard, files — everything. A new RemcosRAT sample was identified by threat intelligence feeds on 2026-05-08 09:56:04. This post breaks down what we know about the specific sample, how to recognize related activity on your network, and what to do if you or your organization might be affected. The Sample at a Glance Field Value SHA-256 25c3bd326e331a73559179092b5d981361dbc693dea7ee098dd4e279f56e084e File name DHL Shipment Details.xls File type xls Size 284.0 KB Origin (first observed) SE First seen 2026-05-08 09:56:04 Family RemcosRAT Tags DHL, RemcosRAT, xls VirusTotal detection 14/75 engines flagged malicious What RemcosRAT Does RemcosRAT is a malware family observed delivering malicious payloads to Windows systems. Samples in this family typically steal credentials, establish persistence, or enable remote access for attackers.…