General
Target: d9507f342e1d1b97e33c8a4738dea70f502296d37581bc6270ccf56f15e05f22
Size: 876KB
Sample: 220221-lwn64sagc5
MD5: c2e1ba0f582c7fc12e31e23cc9e489c7
SHA1: ec8e7879ad9ebf55c34211e96ea0767bf28f2054
SHA256: d9507f342e1d1b97e33c8a4738dea70f502296d37581bc6270ccf56f15e05f22
SHA512: d8f32491f0fca821ab9b19fcb9a3095d7e02e5690ec5b407e5ce17d5bc9c1b9ba6a90e660fa39ba940b9cad56e06662eb3b008ffea1a5fbcb5b79f574d3346e2
Static task: static1
Behavioral task: behavioral1
Sample: Quotation #01521.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: Quotation #01521.exe
Resource: win10v2004-en-20220112
Malware Config
Extracted
revengerat
2021
chongmei33.myddns.rocks:57438
37.120.208.40:57438
RV_MUTEX-ITXZMONFueOciqX
Targets
Target: Quotation #01521.exe
Size: 816KB
MD5: 73619a5f7eab7a80e0fbbd5c8493c9b4
SHA1: 84db67126574c21ef3233518452876ad123b4aa1
SHA256: 7a538b979c2a126fb287ed7bbb18ac55687273dfbac2c09de85f073c9bf5e3df
SHA512: b92f4239da62411edcbf2378e67e28a307752f1b55d5977527e83069630a5d9894bb4f7138473da42f183b6fc5cdcb334aff76805acbae6908b35ed8716940c4
Score: 10/10
RevengeRat Executable
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Suspicious use of SetThreadContext