General
-
Target
fd4f94d12269d74166408823e51fe1fbc64a776ade7554a27acaf07cae6483fa
-
Size
89KB
-
Sample
220507-zbyfyadge8
-
MD5
793fd610adf1d34f757e9db8510e8ff2
-
SHA1
e54835aea0d357cd955c3c9876f6c6b1982fcf99
-
SHA256
fd4f94d12269d74166408823e51fe1fbc64a776ade7554a27acaf07cae6483fa
-
SHA512
3ad0a8c0aa14b2bea294d9aa5d914e46dc33d4df1ef2083c5050ab4cac693c01f0419ce9e3da20487d21102baa16b4cc9ce48947127b76aaf661a5bbe84fdd8f
Static task
static1
Behavioral task
behavioral1
Sample
fd4f94d12269d74166408823e51fe1fbc64a776ade7554a27acaf07cae6483fa.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
fd4f94d12269d74166408823e51fe1fbc64a776ade7554a27acaf07cae6483fa.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
revengerat
Guest
darkking111.hopto.org:3131
darkking111.hopto.org:5353
102ef32.ddns.net:3131
102ef32.ddns.net:5353
1026ef32.ddns.net :3131
1026ef32.ddns.net :5353
RV_MUTEX
Targets
Target
fd4f94d12269d74166408823e51fe1fbc64a776ade7554a27acaf07cae6483fa
-
Score
10/10
-
RevengeRat Executable
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-