General
-
Target
336A4B6F945E79E683E1D1D0CF1EDAA2F41AB0A5DCC96.exe
-
Size
2.1MB
-
Sample
220731-jh4crsfhbl
-
MD5
8a482533fe2e91bf1542fd9568774473
-
SHA1
f4d1c1c3e8ac828ffd3675a7590590d856473c87
-
SHA256
336a4b6f945e79e683e1d1d0cf1edaa2f41ab0a5dcc96ed1bd56557d8eda4cc6
-
SHA512
31e2645a70a7fa3e248465a00d8310a9e93bb7665f4e1d9171e2983b4d0272b79dde5b56b5edbb559662ff36c2db6133a68c346a3c8ca67540e94c4ad658b36d
Behavioral task
behavioral1
Sample
336A4B6F945E79E683E1D1D0CF1EDAA2F41AB0A5DCC96.exe
Resource
win7-20220715-en
Behavioral task
behavioral2
Sample
336A4B6F945E79E683E1D1D0CF1EDAA2F41AB0A5DCC96.exe
Resource
win10v2004-20220722-en
Malware Config
Targets
-
-
Target
336A4B6F945E79E683E1D1D0CF1EDAA2F41AB0A5DCC96.exe
-
Size
2.1MB
-
MD5
8a482533fe2e91bf1542fd9568774473
-
SHA1
f4d1c1c3e8ac828ffd3675a7590590d856473c87
-
SHA256
336a4b6f945e79e683e1d1d0cf1edaa2f41ab0a5dcc96ed1bd56557d8eda4cc6
-
SHA512
31e2645a70a7fa3e248465a00d8310a9e93bb7665f4e1d9171e2983b4d0272b79dde5b56b5edbb559662ff36c2db6133a68c346a3c8ca67540e94c4ad658b36d
Score10/10-
RevengeRat Executable
-
Drops file in Drivers directory
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-