General
Target
bd32b11e7ab2cecab2889b275fdd9ff7176f75d0e30f151d0f9a8a7960b4f629
Size
1.2MB
Sample
220520-qrpz3aghal
MD5
c1871cb159b1cd38000e1f42b3a547ff
SHA1
64a45affc875b2ff373ef81e1d5f99bb15621e2a
SHA256
bd32b11e7ab2cecab2889b275fdd9ff7176f75d0e30f151d0f9a8a7960b4f629
SHA512
186bcec565eeea97cf8967541fe478dcbf4e6c5bc91fa43fb93ff05669b830fe2404dda336a1fec0097a5ac3db8905c903c31f9007b6f075ef792c89e811179d
Static task
static1
Behavioral task
behavioral1
Sample
REORDER_.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
REORDER_.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
revengerat
Guest
lordiyke.duckdns.org:2336
RV_MUTEX-YqqNLCGRFbTXZM
Targets
Target
REORDER_.EXE
Size
339KB
MD5
965a50b0cb0e05ba3fb39aa2dfb64980
SHA1
f9d0711a8f6f430ec3bfc597be43592cebdc649e
SHA256
cac726f6b0bcb60af61033a9a59ae886ee7466f65e20185cd44be43c80386e7d
SHA512
43c37e8457f55ed52b8e9ae3cce7fe4ea5403d27f58a674fa0ee976b99bda8704dedd4fe0caa4cb93d758349b02acea22faf0a0a672cc87ebb938878c6d7c3fb
Score
10/10
RevengeRat Executable
Suspicious use of SetThreadContext