General
-
Target
86e39626196a841f054a58ba325a49e23699321d28f434532bab873a535f8eee
-
Size
73KB
-
Sample
220524-2stkesagc9
-
MD5
c614070ca1587a1512a857dd520e22ca
-
SHA1
ba8f33ced64886e0d8f02ecef1da17f653e8438c
-
SHA256
86e39626196a841f054a58ba325a49e23699321d28f434532bab873a535f8eee
-
SHA512
865aa8428b784119d48ea5969968d5f8b872e22b8b3aab2db7f907324d02290188f0e3d3654650178e013a528f8f5f9265f563b0056b0c365114757869601ead
Static task
static1
Behavioral task
behavioral1
Sample
86e39626196a841f054a58ba325a49e23699321d28f434532bab873a535f8eee.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
86e39626196a841f054a58ba325a49e23699321d28f434532bab873a535f8eee.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
-
Target
86e39626196a841f054a58ba325a49e23699321d28f434532bab873a535f8eee
-
Size
73KB
-
MD5
c614070ca1587a1512a857dd520e22ca
-
SHA1
ba8f33ced64886e0d8f02ecef1da17f653e8438c
-
SHA256
86e39626196a841f054a58ba325a49e23699321d28f434532bab873a535f8eee
-
SHA512
865aa8428b784119d48ea5969968d5f8b872e22b8b3aab2db7f907324d02290188f0e3d3654650178e013a528f8f5f9265f563b0056b0c365114757869601ead
Score10/10-
RevengeRat Executable
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-