General
-
Target
Акт сверки взаимных расчетов за период 01.03-31.03.exe
-
Size
135KB
-
Sample
230405-qnl41agh8t
-
MD5
d0f590b69c8e55b3ef545f23dc480b62
-
SHA1
6b330598ff0e2b988d95285e2b093619dc36066c
-
SHA256
ed97f674adb71e2958bba2aa2d1051ae4b938b22649723417e15af7c717057dc
-
SHA512
9c6124496748cc89c13716dd9ae1bd00a33fce32a26554bdacf13707ac2db305593d9a6fdc6197c6f593bb26e552c5f9b10f2df7e0add32ee85bcb60e79286e0
-
SSDEEP
3072:4LSLwYN0TIXpn8YvNXHBw8sw0wkTuyNp/1pM1klN6R9lDSp:4LpTeptewXkCyPAXRrDSp
Static task
static1
Behavioral task
behavioral1
Sample
Акт сверки взаимных расчетов за период 01.03-31.03.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
Акт сверки взаимных расчетов за период 01.03-31.03.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
-
-
Target
Акт сверки взаимных расчетов за период 01.03-31.03.exe
-
Score
10/10
-
RevengeRat Executable
-
Drops startup file
-
Uses the VBS compiler for execution
-
Suspicious use of SetThreadContext
-