General
-
Target
Nitro Gen.exe
-
Size
148KB
-
Sample
230526-lmh9haeg95
-
MD5
17815d9ae8c91fee989f811e9b9a3bc3
-
SHA1
a6e78f9138abc15f0d5a2067accda1c3254da1d8
-
SHA256
be9a5bba46a92a1078ab1c456d13fa49bc6fbc07cf0730026a1f4a9a647d9872
-
SHA512
55ac5e2f1626bd1af2fff8f15b6600a53e31bd5da50a61440e94a273a6ec064ab9bb420e092c37fe82e064acd5aeea2e0ac7276d1525c9aeef5548ce8df9e230
-
SSDEEP
3072:nc0hZB9EkCA9ideUq5MzMDJsqjMD4GI4+:c0ZIpEAMD+ISR+
Behavioral task
behavioral1
Sample
Nitro Gen.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
-
-
Target
Nitro Gen.exe
-
Size
148KB
-
MD5
17815d9ae8c91fee989f811e9b9a3bc3
-
SHA1
a6e78f9138abc15f0d5a2067accda1c3254da1d8
-
SHA256
be9a5bba46a92a1078ab1c456d13fa49bc6fbc07cf0730026a1f4a9a647d9872
-
SHA512
55ac5e2f1626bd1af2fff8f15b6600a53e31bd5da50a61440e94a273a6ec064ab9bb420e092c37fe82e064acd5aeea2e0ac7276d1525c9aeef5548ce8df9e230
-
SSDEEP
3072:nc0hZB9EkCA9ideUq5MzMDJsqjMD4GI4+:c0ZIpEAMD+ISR+
Score10/10-
RevengeRat Executable
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Executes dropped EXE
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-