General
Target
3cd3b7ca84a4c44fa8080b1c7df713f6de0a9d36644732665625590e919db7ea
Size
345KB
Sample
220703-fvh1tagcfn
MD5
625c5be82cb33b45e21c521995e543f7
SHA1
acf0d26d067696b2c93015e83b3811cf96f90510
SHA256
3cd3b7ca84a4c44fa8080b1c7df713f6de0a9d36644732665625590e919db7ea
SHA512
351ee2bcfeeb91de93081fe763a20b99b0e9493db6fda8eee0de336b6a963610dd5b8160b32490c06dd53f6b1aaab1be4e8ed6da79338c57b53df7389d35cd06
Static task
static1
Behavioral task
behavioral1
Sample
3cd3b7ca84a4c44fa8080b1c7df713f6de0a9d36644732665625590e919db7ea.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
3cd3b7ca84a4c44fa8080b1c7df713f6de0a9d36644732665625590e919db7ea.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
revengerat
CEO
192.168.1.4:666
192.168.1.4:1716
netking.duckdns.org:666
netking.duckdns.org:1716
RV_MUTEX-LuSAtYBxGgZH
Targets
Score
10/10
RevengeRat Executable
Drops startup file
Suspicious use of SetThreadContext