General
-
Target
b9ee459ad5c517aea39a87a59e360d2e
-
Size
1.4MB
-
Sample
240229-z8vrbadd58
-
MD5
b9ee459ad5c517aea39a87a59e360d2e
-
SHA1
db88750dfaf6bdad844bad6f39a0c8eb635e5f66
-
SHA256
f59f1892ffa3ea493f7e3fe3b0c9fe0cc351bd3ad68945011463cedccbcba897
-
SHA512
cee3831b834a13fa123946f4a24c2d42b227c5e7f17d0319f5a6a017e1d8dcefdfab7e06baf0a8aa314a2e72bb7e9b4393f74b1ad1c004ce800019e6cab1557d
-
SSDEEP
24576:Tq5TfcdHj4fmbu2qhEzKJ9TtrJLnU88MYtWYQYPx00zQJ9TtFzLnUwvSYtWYoYPh:TUTsamCxT5/YtWYQYPC5KYtWYoYPh
Behavioral task
behavioral1
Sample
b9ee459ad5c517aea39a87a59e360d2e.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
b9ee459ad5c517aea39a87a59e360d2e.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
Target
b9ee459ad5c517aea39a87a59e360d2e
-
Score
10/10
-
RevengeRat Executable
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-