General
Target
9698e8777eb27b6304c236f03237e354dafb9bcc5e68559bafe051d58634e69f
Size
972KB
Sample
220525-ah52xsgeeq
MD5
bace24eadab2c4f223dc58709049b633
SHA1
6cf43ccca649bd07f05f118191b3b423e67dc86c
SHA256
9698e8777eb27b6304c236f03237e354dafb9bcc5e68559bafe051d58634e69f
SHA512
79cfaff3ed06701b579c2cd5fdcab633208d490fc0a1d8f1ca456cf8b421aaac47fed18c656a7ebda1c53519098a999beb72f7d2f826ba25c0b6fc639e32f83e
Static task
static1
Behavioral task
behavioral1
Sample
9698e8777eb27b6304c236f03237e354dafb9bcc5e68559bafe051d58634e69f.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
9698e8777eb27b6304c236f03237e354dafb9bcc5e68559bafe051d58634e69f.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
revengerat
cuidadonoip
redlan1.hopto.org:3344
RV_MUTEX-wawrHJfWfhaR
Targets
Target
9698e8777eb27b6304c236f03237e354dafb9bcc5e68559bafe051d58634e69f
Score 10/10
RevengeRat Executable
Drops startup file
Suspicious use of SetThreadContext