General
-
Target
WinRAR.bin.exe
-
Size
3.2MB
-
Sample
230922-jx9s4aeg4z
-
MD5
c269bc5e2c6c1767fa47ba3c983a6513
-
SHA1
d6baf7106e6579babb8262abcffdf635fc9d6d23
-
SHA256
a71916846ff796a16a2305782a656adbc4b21be2343773c8832ae73d2a7a9e6f
-
SHA512
0fc254b52d2dbd640d05d92cba14c3f5f72ba911d6567d53f0c7bd0aac3178f2e013121efb94e81c158ad0cd51bfd50b84ef887001b4aaccdc82d72007bab9c7
-
SSDEEP
98304:qviz/27qWGq/TzuqCDl2Ptao7js4F5FNZ:qviq75/TzufF45NZ
Static task
static1
Behavioral task
behavioral1
Sample
WinRAR.bin.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
WinRAR.bin.exe
Resource
win10v2004-20230915-en
Malware Config
Extracted
revengerat
NyanCatRevenge
marcelotatuape.ddns.net:333
2180459765
Targets
-
-
Target
WinRAR.bin.exe
-
Size
3.2MB
-
MD5
c269bc5e2c6c1767fa47ba3c983a6513
-
SHA1
d6baf7106e6579babb8262abcffdf635fc9d6d23
-
SHA256
a71916846ff796a16a2305782a656adbc4b21be2343773c8832ae73d2a7a9e6f
-
SHA512
0fc254b52d2dbd640d05d92cba14c3f5f72ba911d6567d53f0c7bd0aac3178f2e013121efb94e81c158ad0cd51bfd50b84ef887001b4aaccdc82d72007bab9c7
-
SSDEEP
98304:qviz/27qWGq/TzuqCDl2Ptao7js4F5FNZ:qviq75/TzufF45NZ
Score10/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-