SentinelOne VS Remcos RAT (Using DropBox and OneNote) – Detection and Response

Remcos RAT, a remote control tool, has gained popularity among cybercriminals since its debut in 2018. It is sold commercially on underground forums and markets. The tool allows complete control over targeted machines and has been used in several high-profile attacks.

Recently, attack campaigns have been observed using Microsoft OneNote attachments and documents to deliver the Remcos RAT. These attachments are delivered through phishing emails and malicious links to open repositories like Dropbox and OneDrive. Although OneNote does not support traditional macros, malicious attachments can be embedded in OneNote notebooks and launched on victims’ machines.

This video shows how a malicious document hosted on Dropbox is used to install Remcos RAT and how SentinelOne Singularity can prevent this malicious behavior. The SentinelOne platform detects and blocks these types of threats by analyzing the behavior of files and processes on a device. If it detects any suspicious activity, it can immediately take action to block the malware and prevent it from spreading.
