General
Target: stealer30.bin
Size: 373KB
Sample: 230209-s7lzfsad32
MD5: 70d717a07a6df0db8fa222a5719c1ccd
SHA1: 71dd5d3f838e2f869cca3aaf186c60aeb05bd682
SHA256: 4acc7393b942c7c331ef0d08dc20000177adbe93f7a5202af14735b148c432f7
SHA512: cd83260c5b5891815907fb8b18383d8428c7d77a5c8af0556aaa8036e7dc2026c1e268506df86385dc8a2cb7d776b700b638adbf79b4d393a331b6d6e85cb250
SSDEEP: 6144:wsNJZA19r/SpqYYn/70nFIyUveIh6i2AgVv0Io9J:b/i9T07YD0XF+n
Static task: static1
Behavioral task: behavioral1
  Sample: stealer30.exe
  Resource: win7-20220812-en
Behavioral task: behavioral2
  Sample: stealer30.exe
  Resource: win10v2004-20220901-en
Malware Config
Targets
Target: stealer30.bin
Score: 10/10
RevengeRat Executable
Drops startup file
Uses the VBS compiler for execution
Suspicious use of SetThreadContext