Overview

overview

6

Static

static

1

Revo Unins...le.exe

windows10-2004-x64

1

Revo Unins...ar.exe

windows10-2004-x64

1

Revo Unins...md.exe

windows10-2004-x64

6

Revo Unins...ro.exe

windows10-2004-x64

1

Revo Unins...lt.exe

windows10-2004-x64

Revo Unins...lt.exe

windows10-2004-x64

Revo Unins...lt.exe

windows10-2004-x64

Revo Unins...ar.exe

windows10-2004-x64

1

Revo Unins...md.exe

windows10-2004-x64

6

Revo Unins...ro.exe

windows10-2004-x64

1

Revo Unins...lt.exe

windows10-2004-x64

Revo Unins...lt.exe

windows10-2004-x64

Revo Unins...lt.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Revo Uninstaller Pro 5.1.1 Portable Win x64.rar

  • Size

    19.2MB

  • Sample

    230415-x1xjtsgh5s

  • MD5

    42156ce100eb9de56ef219a76d5148c4

  • SHA1

    a2eb914b5ae91ae98a5a45f20f6a03ca27b29b8f

  • SHA256

    4f7fc082c3d3eb9e53e4b577e0ea01a10aa91338955214f8245888077ff98edb

  • SHA512

    8aa1b94515faa87ee27be9cbfee71210a1f0f412586a433f6f7494826adc61a0bc200aba5eb1fd4b61c8cf9c2b7d5d4841f9c9c635cd9ff053686afc3ce864dd

  • SSDEEP

    393216:xzKcSOAhtxnan1N3x+DTLx2NvoacouQnCdRKkYKPuFMRTV8EA43LFyiikkYN6:sTOot03BKnQVodQaYrMEEB3LFy9f

Score
6/10
discovery

Malware Config

Targets

    • Target

      Revo Uninstaller Pro 5.1.1 Portable Win x64/RevoUninstallerProPortable.exe

    • Size

      172KB

    • MD5

      984f51ec99705062fe068dc4bef3fbbc

    • SHA1

      2a617dfdee0d0bdf76556a2d0a3bd1f27e9038a5

    • SHA256

      ec8070594d12fd76aaf18476488e3f24ecdb08830d26004ef6b90e41abda6fd9

    • SHA512

      68e029bd81a147df137cc0d8abca472b826856fcbab5470fbe9fe63d866a3fffe6f1002d10c0a1cdf31b275dee5b5ed188d750325eb99f05848d953bd28f7edb

    • SSDEEP

      3072:QZS1ODHhmmm/DiLgweak5yJcDK5io5RljzolzXZSx09FeR:QS1pU4qjzoVkx2s

    Score
    1/10
    behavioral1

    • Target

      Revo Uninstaller Pro 5.1.1 Portable Win x64/x64/RevoAppBar.exe

    • Size

      9.3MB

    • MD5

      318f89da7621d1934b58a242b6b8f3da

    • SHA1

      5639aa4b2d27cc22a36cd3835bab7f6071666df7

    • SHA256

      be0b6b0de4d6a307e27fc7c20488182b705026e42bb1c47cc076b4c581fa261e

    • SHA512

      5b23e639be2fbc68857cfaafe1c00ad5e76a6d5caf3719ffc1e8c12f9bf7be03dc5a21ff051a15be63e3ac115b76a619f83ee4e1b0066e91bec23177abf52853

    • SSDEEP

      98304:EQyUhRDqFQZTUUyQYSgJkinJ/yqLWA0p/5chEuuZkJaR:EQyQ7/NCzhbaR

    Score
    1/10
    behavioral2

    • Target

      Revo Uninstaller Pro 5.1.1 Portable Win x64/x64/RevoCmd.exe

    • Size

      86KB

    • MD5

      97d81b3140a3c7f8169968f4c219b187

    • SHA1

      ff71168ba98f8bca1b6eba7c89a9f01c370696d6

    • SHA256

      ac7aee6f58cdaa072a87d770d9a011dd450412ef81c81fa8df327080f10ade1c

    • SHA512

      d25e99da43b99920fb17f0f8876a25c932fd2580a02d0c4556d3f0cef1deb89816d1751659603761cc5158c564f97129ff1b4aaf931e98374fb1302ddf1c0114

    • SSDEEP

      1536:Zfq2fdmQUTm5VHT7BWjdZFk81eLE19D9z3TgR551ZbOb1/Ah0:ZfX0JqvHTIfmAe69JT855XbObX

    Score
    6/10
    discovery

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral3

    • Target

      Revo Uninstaller Pro 5.1.1 Portable Win x64/x64/RevoUnPro.exe

    • Size

      24.0MB

    • MD5

      088ab62a61a7d672aebe8ba4c3147c2f

    • SHA1

      4d1bdc8c433e08a928ebcb86d4af981cf6625df9

    • SHA256

      4c7c34c632fa32f1e4af9652d5b6db0f1520f863bfbfa26da8d20e98aa44880a

    • SHA512

      0b02320174bb24f1cf638ba3a31e69b048ef8d84749fe375d8e018c5e00806fc2cb71ed3bc8c4a569eb5d54f6dcc0e823f8e94322660a543c4a77a5ba47c346b

    • SSDEEP

      196608:JFWFlIfYxyo/ggCz2hF97ydTxhbmWqPWpyR1pOIIIIIIIIIIIIIIIIIIIIIIIIIa:JFclIwxyoQz2hSzhlqPWpyR1pBI

    Score
    1/10
    behavioral4

    • Target

      Revo Uninstaller Pro 5.1.1 Portable Win x64/x64/Vista/revoflt.sys

    • Size

      39KB

    • MD5

      498c3d4d44382a96812a0e0ff28d575b

    • SHA1

      c34586b789ca5fe4336ab23ad6ff6eeb991c9612

    • SHA256

      23cb784547268cf775636b07cac4c00b962fd10a7f9144d5d5886a9166919bba

    • SHA512

      ce450128e9ca1675eab8aa734dc907dfc55f3dacd62503339080d6bd47b2523d063786dbe28e6833db041f1d5869670be2411a39c7b8d93d05a98b4c09cad1a1

    • SSDEEP

      768:5UKM0N2alRO3gpeBJNUG+ML1naP6IXW0hzbhL7bCEMmo2ocAhu:DX+RtTL1naP6IzbhjCEDo2/Ahu

    Score
    1/10
    behavioral5

    • Target

      Revo Uninstaller Pro 5.1.1 Portable Win x64/x64/Win10/revoflt.sys

    • Size

      37KB

    • MD5

      ec8e58e6b58b4fcde77431cda3a24c0e

    • SHA1

      ebb474009b2a2fbce648adff4b8b797fcd00c997

    • SHA256

      25667717bf4691957f07a6363585e2c7eaf22e5fd7229bf32c91ea59ef4a2edd

    • SHA512

      e2c667ebe97973ff27c1edf3e45ebf7950bc8d7aad1126da25290a2f590b21808654694cbe6a0ad1d3649566ec7645eb6b3379c7d7c0a650d5381a69e9cdade4

    • SSDEEP

      768:A1uOPkxgu01UuLjQL1nHSSdW7W0fz1Qp33u43gf:AQqk7HL1nO/Qtrgf

    Score
    1/10
    behavioral6

    • Target

      Revo Uninstaller Pro 5.1.1 Portable Win x64/x64/revoflt.sys

    • Size

      46KB

    • MD5

      0006295c6c5f7fad92484785b9c8fac6

    • SHA1

      7e50c90a91b92f943e951c1cd8809fe12fc75cc0

    • SHA256

      4ba2879f2b82978110e4b3940ebfeb2ca2399660b0627998c6fea0bf33603b62

    • SHA512

      37f02befaf3b988676af4e556cba142dfef78fd771d4c68f7744e92e789a5c1fd72afe2bb38e297e190f962a6ccf58c161f80bec2a7aacaf024256f25eb7bf03

    • SSDEEP

      768:F1uOPkxgu01UuLjQL1nHXSdW7W0fz1f/BPKg9aUUf2h5:FQqk7HL1n3/f/Z3zUfI

    Score
    1/10
    behavioral7

    • Target

      Revo Uninstaller Pro 5.1.1 Portable Win x64/x86/RevoAppBar.exe

    • Size

      8.0MB

    • MD5

      a3ac78c5e0b16466bfe7b9ba5d5ada37

    • SHA1

      b527ef52d990a258dbd70bfa453317a03891f2ef

    • SHA256

      043513ffeea3d864191566cbdada4425411256672265e333afff4a81109a9ee7

    • SHA512

      707003c49d9e0d2b391efe5cdbb6f1a449e83d88812dd8d1824fc4861869c586c9413cfa6a0f6b3223c76381a03c58d70ccbe3f9b0bd4a182020903c941bb9e6

    • SSDEEP

      98304:hM3NdZdJOz4kcamg5gbT71FLiFUYCO9voIdwSoyWA0p/5chEuuZkJaA:hM3RORmgY7GFFQIdwSVhbaA

    Score
    1/10
    behavioral8

    • Target

      Revo Uninstaller Pro 5.1.1 Portable Win x64/x86/RevoCmd.exe

    • Size

      81KB

    • MD5

      30cde7798fb267bd55b4596434679f44

    • SHA1

      9d23fb4df5e5e26e22ae4e3d39059d5f3437193d

    • SHA256

      b2107be35b363f0fa57cabb3e592720992a9e10bef465407a36cf6c83f907bf5

    • SHA512

      e7120b7269165dfc9e432b8c8d264ec88a88731eca9315c89ebdaee59c70fa864eeb9e995a6f016a649fa0886dba20c32f70411f0caa25f004cd7093450de6fb

    • SSDEEP

      1536:63mo3RNxNTnbrpLC2uEpqY+knbgou5XLMflv/AhTo:g9/7npLbNcou5XKlf

    Score
    6/10
    discovery

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral9

    • Target

      Revo Uninstaller Pro 5.1.1 Portable Win x64/x86/RevoUnPro.exe

    • Size

      20.8MB

    • MD5

      670f56108e6e851321bcc222617e3611

    • SHA1

      a905bd923d4b95080bb57c0674acfc1626cc0ea1

    • SHA256

      e7c194be7d6e092378e6b2e9be1620ba8527b6f60f9b25bc83b671f6dba5607b

    • SHA512

      d893d00593b1bf71201ec1b1b7258bdde86a6d7b22e4e3a5262a3fae27b3f106947454423e6db78d858863f0f7225e40be25a92f92a893e92eacc4d1e9fbca6c

    • SSDEEP

      196608:KZSXbSiI1pvEXuPjQ+7hBEDN0goUM7jnPLR7ydTxhbmWqPWpyR1pOIIIIIIIIIIF:KZSLSPmePvTEDGgBzhlqPWpyR1pB+

    Score
    1/10
    behavioral10

    • Target

      Revo Uninstaller Pro 5.1.1 Portable Win x64/x86/Vista/revoflt.sys

    • Size

      34KB

    • MD5

      53b46882544f2e4ca0c0b1b5401259b1

    • SHA1

      fed93f2c7c6dc27e96bc87d51b9591585644fab1

    • SHA256

      67004a65c225a0261c6e810ee748f47ade3f272a96642702e49c66fd8d59e809

    • SHA512

      a2f8967cd832ad20d687d95065681c1821a9ca3473098fabed7ddb04afa86d35eb7e0f98a70c7e7e2f7bb018f8b707c882600d1251b1c3cf932728cc30dc27a7

    • SSDEEP

      768:uE3BTw5RO9j4QRvBW+ScvbnJaL7bCEMmq6ocAhKL:uE3hw5RCnRjbJajCEDq6/AhKL

    Score
    1/10
    behavioral11

    • Target

      Revo Uninstaller Pro 5.1.1 Portable Win x64/x86/Win10/revoflt.sys

    • Size

      32KB

    • MD5

      2c6a762320d3b3d10c4ede6bc1beb43a

    • SHA1

      7ca470b579f46c4048433edd11d0b2b0d3fb8b3b

    • SHA256

      d7a14ab729d0a03d99db5f24d67f555f4d2a30d35e0f48a9c7269b83e8a4f425

    • SHA512

      8e468dbbce21a58c4cfd29874e452d0b45937934c8de35b2cf4028d290c245fc74bacea46002346c3cd805a2f6a3747f01b0dc50459fbb2ad8005309c4d95c20

    • SSDEEP

      768:tH5pHesJgciiwLV3GkE/WUGI4qFaLp33tzrH:t3esJgciiwLV3BLyFSt9zrH

    Score
    1/10
    behavioral12

    • Target

      Revo Uninstaller Pro 5.1.1 Portable Win x64/x86/revoflt.sys

    • Size

      41KB

    • MD5

      30d562a2156e0e51f3b571f40f0136a8

    • SHA1

      f731992769fe1550cbee74372f729db3802f4cff

    • SHA256

      2206eb936ccb2b43b1b2e6c995b6ba7563e2e0beedefca332370eca3223b92e2

    • SHA512

      aa3772c4b126232f308de60b63b93f8da97814906b2916c1b02bb7741a0dad03d1469416ad8dd2e2ee9684b846b8edb039d36e1dc9df68f18447df13518c689f

    • SSDEEP

      768:gH5pHesJgciiwLV3okE/WUGI4qFa3BPKgIarUf2hp:g3esJgciiwLV33LyFYZemUfA

    Score
    1/10
    behavioral13

MITRE ATT&CK Enterprise v6

Tasks