General
Target: ti8Pmv4G.exe
Size: 17KB
Sample: 201222-ae99tycrx2
MD5: 8bebd374905cc33e3de17132a7b181c4
SHA1: 16b5c5b0de016ef030b966533e374cbfcbb07628
SHA256: ad4937df3fbf1b24ab75bf35343d6f51e103fb763789d3209e8d05dbe615f67a
SHA512: 20cbfee084c5cf9a7b8c62a6545a2726c89fc8039f193547d5d98c5d8f596507f7c270844d9ae2888e1c874e66f1c9380b01897644966f2ac8a572b7b5f4ac04
Static task: static1
Behavioral task: behavioral1
  Sample: ti8Pmv4G.exe
  Resource: win7v20201028
Behavioral task: behavioral2
  Sample: ti8Pmv4G.exe
  Resource: win10v20201028
Malware Config
Extracted
revengerat
Guest
tchelero-55169.portmap.host:55169
tchelero-55169.portmap.host:80
192.168.1.100:55169
192.168.1.100:80
RV_MUTEX-LgHRHXJvbCGP
Targets
Target: ti8Pmv4G.exe
Size: 17KB
MD5: 8bebd374905cc33e3de17132a7b181c4
SHA1: 16b5c5b0de016ef030b966533e374cbfcbb07628
SHA256: ad4937df3fbf1b24ab75bf35343d6f51e103fb763789d3209e8d05dbe615f67a
SHA512: 20cbfee084c5cf9a7b8c62a6545a2726c89fc8039f193547d5d98c5d8f596507f7c270844d9ae2888e1c874e66f1c9380b01897644966f2ac8a572b7b5f4ac04
Score: 10/10
RevengeRat Executable
Executes dropped EXE
Drops startup file