General
Target: 9160416822.zip
Size: 109KB
Sample: 230213-yn1amafb8x
MD5: 486ced6680c8ed337fe5bf217f6e9b54
SHA1: 8411712b6534bbe9ceb650818b90cd699fad31e5
SHA256: 4d0c6e5dc38eef9222bbb9c8b2fcc8977ffdb1bcc6b770fbad5c3e401d1f70a8
SHA512: d11f6f5387a74749d4fac6d5a774043ca4220a4dfc0e08acaf6f01a902c64a772d665e7f686e8e11da45a16b28d29b6b84f0e1f19c620a663fdb7fecc0a1aba9
SSDEEP: 3072:VmKdaq7Lx1I/rBhTzznEiNSjpE+N9UNxtPS:VmKV7LxSrjXEiWpEHxJS
Static task: static1
Behavioral task: behavioral1
Sample: 51bc942d371ca8c6ab7358fa5724eab2ab2e97b00d2ba558c73641629758b3a6.exe
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: 51bc942d371ca8c6ab7358fa5724eab2ab2e97b00d2ba558c73641629758b3a6.exe
Resource: win10v2004-20220812-en
Malware Config
Targets
Target: 51bc942d371ca8c6ab7358fa5724eab2ab2e97b00d2ba558c73641629758b3a6
Size: 164KB
MD5: d3106dc883cde0c9e80964f324cfd4fb
SHA1: b95ba0c6537d07dce6ffc49ffc242572f74c8a36
SHA256: 51bc942d371ca8c6ab7358fa5724eab2ab2e97b00d2ba558c73641629758b3a6
SHA512: f0ff28f5a7b11bf38429d996f1d71a20ffb8b350c95af3c3b2c6e342f59dd060dc035dfb0c4b36190d8595683afeb1d325a65dd002d95713f37cdde589638ebc
SSDEEP: 3072:lGBMeD7VjYbDnEwlECnjcipp91glWWozX//l0KlPu/QpUhXAS0RB:8MK2A6nIYp91glW1XHtB
Score: 10/10
RevengeRat Executable
Drops startup file
Uses the VBS compiler for execution
Suspicious use of SetThreadContext