General
-
Target
c51ddb34c1a0bcd8af4829d8a54c4341.exe
-
Size
140KB
-
Sample
220906-qlvncsafdk
-
MD5
c51ddb34c1a0bcd8af4829d8a54c4341
-
SHA1
84860f90d7c7344a315e9ddc176d8e4a966ad7ad
-
SHA256
880ac454f385019390e07ff3f7e1986ffb806951413d6d3774df9ba57a4fe8af
-
SHA512
924bd3791a353328e7b946b846b02279bb588c6e7f0ba88d9579e320a343f4572d9a773bd92ef520c562e6c5a5e156108b6d865537bdacb01bbe006d64756a17
-
SSDEEP
3072:aMSncRzAO/5XRUAoVFwkIV35QWYBkU+KbRMcP+MQWv:5SncRlBS9VTkYiU+KbR7j
Behavioral task
behavioral1
Sample
c51ddb34c1a0bcd8af4829d8a54c4341.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
c51ddb34c1a0bcd8af4829d8a54c4341.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
revengerat
Guest
194.5.179.83:4040
127.0.0.1:4040
RV_MUTEX
Targets
-
-
Target
c51ddb34c1a0bcd8af4829d8a54c4341.exe
-
Size
140KB
-
MD5
c51ddb34c1a0bcd8af4829d8a54c4341
-
SHA1
84860f90d7c7344a315e9ddc176d8e4a966ad7ad
-
SHA256
880ac454f385019390e07ff3f7e1986ffb806951413d6d3774df9ba57a4fe8af
-
SHA512
924bd3791a353328e7b946b846b02279bb588c6e7f0ba88d9579e320a343f4572d9a773bd92ef520c562e6c5a5e156108b6d865537bdacb01bbe006d64756a17
-
SSDEEP
3072:aMSncRzAO/5XRUAoVFwkIV35QWYBkU+KbRMcP+MQWv:5SncRlBS9VTkYiU+KbR7j
Score10/10-
RevengeRat Executable
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Loads dropped DLL
-