6108fe6c491d95e6869c3605197c261d341159ae4a565ca8613184aae5020b74

Sharing

Copy URL

Twitter E-mail

General

Target

RAVAntivirus.zip
Size

47.1MB
Sample

220924-3p9mxadgbq
MD5

dfeebcf0aab0d54df167b7d8ea42f909
SHA1

a3da50bc1ce294070c926f426836c4d3135791f3
SHA256

6108fe6c491d95e6869c3605197c261d341159ae4a565ca8613184aae5020b74
SHA512

802f3221a8f63606992426977b5fc41d205220e7f9674319eb68720d8f59b5bb5af1ced6174b7071326841a425feda07a94099e8d0d13863fe3b350f55743375
SSDEEP

786432:Yi7NHkZku6H+ydQVukUjuh3iOmdiCV01Y+4ntxHWI8ceOwu6RMYZOtOIHveQMXDV:Yi7yZku6eyCVIyM09TCbHWzvHItMoiVl

Score

10^/10

coreentity

Malware Config

Targets

- Target
  
  RAVAntivirus/rsEngineSvc.exe
- Size
  
  346KB
- MD5
  
  508a7cb1a5dbe5a69e8e89554705c530
- SHA1
  
  f2633d0e803a852bd61b996321df9f53eb3adcb2
- SHA256
  
  a441fd12faf76c4ddf546a8d810b875bfb29ff2d199df4d3a7703fee4b0e1342
- SHA512
  
  f2fe05f19a56dfb79da5d5fc26d9cb12eaf6bb390a17a84f9c4daf5812955040ffb4df877536e3ef0872e962e025ff1ce5bf04d6e6718c9f804b9e717ac73c05
- SSDEEP
  
  6144:xxGhruCPWM02oWvPwvTc3nRvxYFms5m/o9z9/P7ivqjIoNpKvmR3yAW:xxGkM00wo3nRvaL535GSjTRiAW
Score

1^/10
behavioral1 behavioral2
- Target
  
  RAVAntivirus/rsExtensionHost.exe
- Size
  
  143KB
- MD5
  
  ffe5b6868c88996aa2f8554506864413
- SHA1
  
  7ec36d58b71cbfb561c72319ae4ff1834f30d1fa
- SHA256
  
  47295ec9fb73ef49405f0d74d354212be68d2004fe8250b8aaa3dbf0fc6f151e
- SHA512
  
  1c3b5c16432d445bf7a8d6b03f862c74ef92c55e4dcc9f83537779b81e59ec819489b0f234a8976573b8f399c5587d8809c954edea557bdec0d86e6128b0413b
- SSDEEP
  
  3072:xQj0u/GHRd5O/17ObZZ1IAu9a9V4ffc1VyiKoJDbTf:uwuuxPSqLbu9a9mEJzf
Score

1^/10
behavioral3 behavioral4
- Target
  
  RAVAntivirus/rsFrame.dll
- Size
  
  21KB
- MD5
  
  64b9d4ec2ea38ea8ac809829b939b106
- SHA1
  
  ab827ecd53b5099cb10b328f46dddf8a8d9b0e20
- SHA256
  
  c5e8fd69979e76bf42457ef4529171f789b53b67e041fd686134d44e4f7b849b
- SHA512
  
  877261bca0307708d8852409db9b2150da3c30242b4787f76b8f77dd888fcf7afa4dffad7f1144acafc1ccc0d02989cec168b126776a6357fc62d2f07006aa2e
- SSDEEP
  
  384:HYzPTJH3h8EqYrjjL6EcnL6Ech+Y7h7X2Ip4/9Bfy6jdAA1m5wMrIuMV7rPR7jh:HYztH3h8EqM6f6F+Y7N2Ip4/bfy6xf1x
Score

1^/10
behavioral5 behavioral6
- Target
  
  RAVAntivirus/rsJSON.dll
- Size
  
  216KB
- MD5
  
  24d13723b8527cf108f716b4cbf2899b
- SHA1
  
  2c9d0c136ee34e6dfbdf99bc87663f20f7eff833
- SHA256
  
  da8770c00d3a434cacdecbbf7d66d8cba5d73ef73493a3f184950c43c007be15
- SHA512
  
  2900498c920ec8a69770df1f172800de0df7c8cdf9f633751206f4997cd98ddd9b3f7a826cb7d62b9feceb217b9e9174fa229acaf188c55f48e487d472746d72
- SSDEEP
  
  3072:eT4Ahf0UCXbEb89D4KT+/vi+55uHr3Yv+rDi8TV5l1mVb3OFI2:eTfLsbEKDY/3K3YkzTV5lkKD
Score

1^/10
behavioral7 behavioral8
- Target
  
  RAVAntivirus/rsLitmus.A.exe
- Size
  
  108KB
- MD5
  
  2bc3522890538d498d15d2331aa1e9fc
- SHA1
  
  b5ae6f41855bb2757806263e31650fe76fac70ab
- SHA256
  
  5f4b5e932c7fc21f98ef5b18186c23ea144b9927f3254ba04b47cd1a831ca6d2
- SHA512
  
  ae14494f4e8e8eb40fee357de574e16f270b923218d944e7d7c53625312e71fd28a25595c513f6f7abbd991c8c12a590b3513bc58f6701ebb3eaa092f3239e53
- SSDEEP
  
  3072:YfL+72PsK9Qd/RpgyxMkJfjQmMCdwMzTVfI:YCqkK2/Rp5DzTVg
Score

1^/10
behavioral9 behavioral10
- Target
  
  RAVAntivirus/rsLitmus.S.exe
- Size
  
  102KB
- MD5
  
  7c97046701cb82e4e409df20af386275
- SHA1
  
  051267e447cf42b2eca5f695526f18add1ccf3e4
- SHA256
  
  38ca46547c8c7c5c0c8e394ea355a03c26a08adb63b39fc95aa5461b5321da7c
- SHA512
  
  22e2cfbda6e47d62e0f87535f4f61ecc67408efdf020c41a29993bd80fac9cc40d4513708c0bc96cbaa0d70686bbbd2d7cb1fbb95bd273937159d6516452b691
- SSDEEP
  
  3072:8fL+72PsK9Qd/RpgyxMkJfjQmMCdwMzTVK:8CqkK2/Rp5DzTVK
Score

1^/10
behavioral11 behavioral12
- Target
  
  RAVAntivirus/rsLogger.dll
- Size
  
  174KB
- MD5
  
  5c647782f36ea9010877f9665f8db38f
- SHA1
  
  19efd56dc3b1bba3d7b77a7d0a889f12850cabbb
- SHA256
  
  b95315dea74567f360c2cedd9b5c43964cdffe89a5b7ff337e8d40b42b89e1f9
- SHA512
  
  dd2a9667f13cf51ddd0500404115a9e911112f9bea4dffe25e4bfafe703d848f770919dbf145f91fad8eb670c5545ab42a1d4c3fba0ec3e73ffd499a0eec77b3
- SSDEEP
  
  3072:J5/71m+hgnGKeeVGvZO4PI9VTJemvMr5D7Vgt/g9kBl:J5/YnGKdVG3PI9DS5D72P
Score

1^/10
behavioral13 behavioral14
- Target
  
  RAVAntivirus/rsRemediation.exe
- Size
  
  133KB
- MD5
  
  5759522b3a69cc0afe2ee52d2db81489
- SHA1
  
  eeecf8df6398015dc5ddd9b072e8798fe82f6faa
- SHA256
  
  b5777f61243958fe29e760089b213e1b691afd5c84296f1d3245cd40921f9b56
- SHA512
  
  ffdc0fdf6d42c98f7cb40263d50eae4fe5e7e1e5feed11b8842b72e2c708e0b04451eed7163f2ece9a781a170f112e4efec93c17dbe3460244937433febf5234
- SSDEEP
  
  1536:NjIJ/E19eM8p+H8GaAtxRuDTlrcLdrk3AgnMYln7HJTaRUL2MN1pfR87aY+Yzyy4:CJ/E1ay8GtcDqLdQ3l9lnNT526peA1Zz
Score

1^/10
behavioral15 behavioral16
- Target
  
  RAVAntivirus/rsRemediation.exe.config
- Size
  
  176B
- MD5
  
  07c7bd25442b92d5e654d2b47ea63ec0
- SHA1
  
  4c1a65c73edf4dac58f7c6d1e0094ced79647736
- SHA256
  
  8305f905b29a9202d59bc06753ac1acc00b3b4c8b951d820ca7ac850e7a4f7cc
- SHA512
  
  6204fb64c90537dab7f64b8d99430e8bfa7d4759bd22b2bfe7959f59beffc001cfce1e3ea80fff21deeda91cede3c48726aff7433e6a9b9e32c1f239f53b909b
Score

1^/10
behavioral17 behavioral18
- Target
  
  RAVAntivirus/rsTime.dll
- Size
  
  131KB
- MD5
  
  4a8fcd9f77f9d3c13206e0d5343b19c4
- SHA1
  
  d6f4ca3c72b7f4b37d414b62fb999febc96c43c0
- SHA256
  
  acb1f2065b9b6cf252144eccbdf0a24d3c8e8abaaf1790be69cfeb3222ef63f9
- SHA512
  
  ebfffc8a182ba97096889410163c827d5d70bf850b2df9af12fabc31af97bf3c95d3804294d7aa3d85ca4b9dc96c7138efb6c1e77f32e8e67aded9b6aa55d70a
- SSDEEP
  
  1536:9WGCIhUiWgomR1xGU5EplJLT7yPxB7a40oTrM8PNEmriC8f6v9RMjuLjU6f6h7Qa:9WGjyLgosGplJLT7AwoTFGmrY6sWjK
Score

1^/10
behavioral19 behavioral20
- Target
  
  RAVAntivirus/rsWSC.exe
- Size
  
  199KB
- MD5
  
  7c63a48af0a0d0c910ad301dacdabc6a
- SHA1
  
  975a70586e6cc0b366e85d4955ca97df2513e196
- SHA256
  
  740db55eb89b8824ffe02612113de80e219673fc1c22187fcc2d3366ece8544d
- SHA512
  
  49b8c88398dde6bb9b407fcce050bd49a61c04fc7e1e7e2a6b10ebd8a4f4c8059c9bf55e3c61839bfa895a85cf2b575609eff29c85bf25943acae8b5bbecd54e
- SSDEEP
  
  3072:DZRsJDRkJLCuhA6pUcykg4XtabodDGbM+nkgRm19RBSLNn8XYJKkddRWJCWL:lKJVkJLvpUcl7XgbMDGbM+kTLGFgIw
Score

1^/10
behavioral21 behavioral22
- Target
  
  RAVAntivirus/rsWSCClient.dll
- Size
  
  160KB
- MD5
  
  e54bb77519275a852e6617d4ba440bad
- SHA1
  
  e14a3b4a0a9b57409a9a6d23171dbb68013e1dcf
- SHA256
  
  045345df7bd9c8b86b218b8ffa623464788781b79817e46b221d61bb59707706
- SHA512
  
  56e1d994d83c4411b0d4afabccc7a2acbc8d539bd2c0a74bbf8e0e0e0a4e19233730471927805b2412355556d7810cb1ab00aa3012fa904294625425123c0c62
- SSDEEP
  
  3072:p4FuYH85feeeFUIfusdZ1UpMH04AZxOrXNVV1LTr4KI1k1f4wjC7Y0EF0T:CFug8UeeyKkpMH+ZxOrXNVV1r4h1Mfjc
Score

1^/10
behavioral23 behavioral24
- Target
  
  RAVAntivirus/ui/LICENSES.chromium.html
- Size
  
  5.0MB
- MD5
  
  5201488d4139cb6976431b6bc6026e49
- SHA1
  
  566969157f998749e3c6b4ab6ac35097ea3a9df8
- SHA256
  
  5933e91a3978bac616a0cc85e67833a17cd44b7e4702c074fe2a641e0baa638c
- SHA512
  
  5e70a1056fbe49eb3766baefe0329f86f2c0870216d9e51dcb7849e3a0a8fa1e3e13bd66a4ea776e652e0e80bd540d700c9e219cb29b10c38146c67c31b7abb0
- SSDEEP
  
  12288:FetnJnVncnJnkncnpWQtnwn7n9nJnCnZnGn3eQSnqnBnununFn/nwnJnqnvnOnqi:nPDt5WXWSNkbfwVR8mfJvwH92EdpV
Score

1^/10
behavioral25 behavioral26
- Target
  
  RAVAntivirus/ui/d3dcompiler_47.dll
- Size
  
  4.7MB
- MD5
  
  b8194cbd6159753536ebb1e0d23e9ac2
- SHA1
  
  dc8ae041a90a463a56f895461bbb905193a68890
- SHA256
  
  5bc1dc6d3f9408838e75de03cb0a26b1e0689acd39aa59c94d9a167dd74e8667
- SHA512
  
  25a3ff999f699a934087ca98415fe05ac1f40b688179faab3855c3debb017f5124d43a5f0b5a14f9b9049c434bff4e9bdc472574ebdd2a4523f0ca83fbd3301c
- SSDEEP
  
  49152:buhjwXkKcimPVqB4faGCMhGNYYpQVTxx6k/ftO4w6FXKpOD21pLeXvZCoFwI8ccs:Ty904wYbZCoOI85oyI/
Score

3^/10
behavioral27 behavioral28
- Target
  
  RAVAntivirus/ui/ffmpeg.dll
- Size
  
  2.7MB
- MD5
  
  f0813aad3795173455ea678cefa64a4f
- SHA1
  
  f3db891e27a178cf07a5e2b9da68d342a6900c6c
- SHA256
  
  c0d3034338d1cabc6091f4c63a541ea1448ada7e5c8462b2a3304831425e4c09
- SHA512
  
  c7581c2a9e43206a689e547e0e354551fe34f6bc687ce75496255e00dacc05e421bd7bc6894e5a5f178671b1f9bc1aaee8aea14581ff5bc6b08acbbb546e82a7
- SSDEEP
  
  49152:98qdAmBRsEsA2lydpsV2+ulbCVCbBdRXLvPznKF76ayToQVNU52kJ8dj02bfUCfE:XdZB6ssV2vWCbB7K7ryToQVNU52kJ0UR
Score

1^/10
behavioral29 behavioral30
- Target
  
  RAVAntivirus/ui/libEGL.dll
- Size
  
  475KB
- MD5
  
  74d837b2885e121afb116a38241efdcd
- SHA1
  
  0d74260a0c8542de7520ce4d98a9828b0b8e056a
- SHA256
  
  e6ba6a93d124b6c9bb4c63c8168540d25357f7f8608cf5583b35402e419b17d8
- SHA512
  
  f09ab43e272a449bb19e763d0a07d6f037bbc721878a9c7c5c282c3302e53ed4419c599f5326d96c303b0cf3916b43975dadac0912bca5d3d6d8e7b106c2abb8
- SSDEEP
  
  6144:+KEcTs/jvtGCIvT/BIy/71C6h7i6DPgwlXwuxkC8wmrj8hLeCh:+KEcTs/jvtGCIb/BI/CLPzxk7wmrj0x
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32