General
-
Target
ZCgngKMK.exe
-
Size
27KB
-
Sample
201221-tapy6zab4n
-
MD5
038265381c07bdfe9e316ee37300deaa
-
SHA1
3acf06557ebe350907ce0ffbe21679e4a1cbb9b3
-
SHA256
db5eb754fff22b0478702d838e7b0e4d7285e8859a4bcf6fe1288ca83ff16a8b
-
SHA512
e83bee3420124a2ff829464b926c86f35736e51fae0baafeb18bbd253df7135bf661a951859dc857807f76f0fa7bd33bc79bc2a9a1f6e8ab687afa8b4f86692f
Static task
static1
Behavioral task
behavioral1
Sample
ZCgngKMK.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
ZCgngKMK.exe
Resource
win10v20201028
Malware Config
Extracted
revengerat
Guest
Rigisterio-37154.portmap.host:37154
RV_MUTEX-DCGRFbTXZMONF
Targets
-
-
Target
ZCgngKMK.exe
-
Score
10/10
-
RevengeRat Executable
-
Suspicious use of SetThreadContext
-