General
-
Target
375b0b46734021995ef5f6c9c8c6f2dfd7fbf84064846c551bb8cd804d18100d
-
Size
804KB
-
Sample
220508-2fgebshdc7
-
MD5
bfaaa88505cadf67b0b1f2ba2b4e1866
-
SHA1
9d8576b01fde92ffc7a2ec187ed5ebd0d69275f9
-
SHA256
375b0b46734021995ef5f6c9c8c6f2dfd7fbf84064846c551bb8cd804d18100d
-
SHA512
495c644934b446a706f04bdc4b7078d4b71f44a86e1d19595bea405dcaddaecd0d88709df4ede61177dcee072da91d728a12d8ebe66e5de30918791a69a2aa88
Static task
static1
Behavioral task
behavioral1
Sample
375b0b46734021995ef5f6c9c8c6f2dfd7fbf84064846c551bb8cd804d18100d.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
375b0b46734021995ef5f6c9c8c6f2dfd7fbf84064846c551bb8cd804d18100d.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
Target
375b0b46734021995ef5f6c9c8c6f2dfd7fbf84064846c551bb8cd804d18100d
Score
10/10
-
RevengeRat Executable
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Drops startup file
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-