General
Target
b99be412390b1eee50bca4b7f5a152c5ca7782fa9fef0107762be9c5fe01e743
Size
9.4MB
Sample
220314-vmsmlscbbq
MD5
d1b8484fc84c85b2d75e850f44d193fb
SHA1
8901ee513eca44bd50115c1ef8cef90fed050e4b
SHA256
b99be412390b1eee50bca4b7f5a152c5ca7782fa9fef0107762be9c5fe01e743
SHA512
9e93ea0720e9c8a84f109d1caf734d2418f40b20b341dd1809c5135741d91cb947e1bfe4095f24bc08d6d349faf0992e7a3d3ee43f36a42496a18f714a92e1d7
Static task
static1
Behavioral task
behavioral1
Sample
b99be412390b1eee50bca4b7f5a152c5ca7782fa9fef0107762be9c5fe01e743.exe
Resource
win7-20220311-en
Behavioral task
behavioral2
Sample
b99be412390b1eee50bca4b7f5a152c5ca7782fa9fef0107762be9c5fe01e743.exe
Resource
win10v2004-20220310-en
Malware Config
Targets
Target
b99be412390b1eee50bca4b7f5a152c5ca7782fa9fef0107762be9c5fe01e743
Score
10/10
RevengeRat Executable
Executes dropped EXE
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Drops startup file
Loads dropped DLL
Uses the VBS compiler for execution