General
Target: a8bcd5d5355bbc74ed713d87038c8f09
Size: 742KB
Sample: 240227-kr2qzacf85
MD5: a8bcd5d5355bbc74ed713d87038c8f09
SHA1: fbb20b23b0def929b0ec0fad6608168a67b7adfe
SHA256: ccc0bd7cb872675f8a49733bdd68bb7952093202a6b6ecb6610088a56ea1b269
SHA512: 7d9e5ffff1a2afb57fa67da17127c39ff1a8da3382b9c2af5cc44277e43bb1063d18bc29f6eb750b62853761f787a5447b5265b3779a7009f2e15d26cf0cef09
SSDEEP: 12288:qjkArEN249AyE/rbaMct4bO2/VZIEU9Dh3vcF4bIEUl5ddXvy6kjYl+w:tFE//Tct4bOsjItd3vCgQB
Behavioral task: behavioral1
Sample: a8bcd5d5355bbc74ed713d87038c8f09.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: a8bcd5d5355bbc74ed713d87038c8f09.exe
Resource: win10v2004-20240226-en
Malware Config
Extracted
revengerat
Guest
192.168.178.1:4662
192.168.178.32:4662
RV_MUTEX-YPcYBGldGoFYEKg
Targets
Target: a8bcd5d5355bbc74ed713d87038c8f09
Score: 10/10

RevengeRat Executable

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Drops startup file

Executes dropped EXE

Loads dropped DLL

AutoIT Executable
AutoIT scripts compiled to PE executables.