General
-
Target
f1314a9c63f3c2b7874a3fee77a4ef1cf41c334ff595e1b09b185148c6679daa
-
Size
146KB
-
Sample
220524-q6cchsdbf6
-
MD5
02160709e380779caaf845dc207e4748
-
SHA1
e0caa564e6b7c059bc1ef5a787f2f44b4b0823fd
-
SHA256
f1314a9c63f3c2b7874a3fee77a4ef1cf41c334ff595e1b09b185148c6679daa
-
SHA512
3b1bd7537410a7b83836ba72c840a0facd00df409f40764dcbd3d06a77cbd2593a133991b58ee05b41e27bed6c73548ed48c3e002effa7f6abc3e64a909d9b80
Static task
static1
Behavioral task
behavioral1
Sample
f1314a9c63f3c2b7874a3fee77a4ef1cf41c334ff595e1b09b185148c6679daa.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
f1314a9c63f3c2b7874a3fee77a4ef1cf41c334ff595e1b09b185148c6679daa.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
-
Target
f1314a9c63f3c2b7874a3fee77a4ef1cf41c334ff595e1b09b185148c6679daa
-
Size
146KB
-
MD5
02160709e380779caaf845dc207e4748
-
SHA1
e0caa564e6b7c059bc1ef5a787f2f44b4b0823fd
-
SHA256
f1314a9c63f3c2b7874a3fee77a4ef1cf41c334ff595e1b09b185148c6679daa
-
SHA512
3b1bd7537410a7b83836ba72c840a0facd00df409f40764dcbd3d06a77cbd2593a133991b58ee05b41e27bed6c73548ed48c3e002effa7f6abc3e64a909d9b80
Score10/10-
RevengeRat Executable
-
Drops file in Drivers directory
-
Executes dropped EXE
-
Drops startup file
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Suspicious use of SetThreadContext
-