General
Target
19A7FCD451DEA34B219222DDCE8072F3A83A57EEB18DC.exe
Size
161KB
Sample
220919-fnjzjadccp
MD5
6dbf9d23086ddc60c06d51b5cef27c27
SHA1
d2763cebcf65023707fea835015ae230b5bd48cb
SHA256
19a7fcd451dea34b219222ddce8072f3a83a57eeb18dc1598b2a6f0c5bf6546a
SHA512
e78812ed50a8f4dc636bc50e3f7ab4ea2979293c824299da83ddd5015f90b8064720c8c6009dfd15fe83b15eace496103e41e0f0265bc8dbd79d656a1650a830
SSDEEP
3072:nf/snZ0dRsNedt26sjXkXUpEzFLlYmS2QMN+3j61oXd+RubnMaqPi3:XyZGRsNed1sYXUWxL2mS2n+Tvt+Ebnai
Static task
static1
Behavioral task
behavioral1
Sample
19A7FCD451DEA34B219222DDCE8072F3A83A57EEB18DC.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
19A7FCD451DEA34B219222DDCE8072F3A83A57EEB18DC.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
Target
19A7FCD451DEA34B219222DDCE8072F3A83A57EEB18DC.exe
Score
10/10
RevengeRat Executable
Executes dropped EXE
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Loads dropped DLL
Suspicious use of SetThreadContext