General
-
Target
3a6e2de5b3de6e67229b11f6d74a4f9af70ccec85c2573a905df5a1f84a35446
-
Size
1.9MB
-
Sample
240430-xnv58sfe78
-
MD5
af724219e50ea816c9d03e89a05e31c0
-
SHA1
4ea66dbf0bdc79119d7674dfecaf135a4a6780a4
-
SHA256
0edb8931623d2f3d41415128c05d2431279e3eb979bcd2a96064e2b989bb7cb9
-
SHA512
42cb1e55a2f04ec1e941a110318fc44fd737d020aac8bd57f15747e2d3653945cda772f4376341feacfe58ddd3be5761e67bc210752ab8fe4b086cb721ba247c
-
SSDEEP
24576:Etb20pkaCqT5TBWgNjVYz0VTPIMeYyBMLlQjzCEzKJ9TtLzxwn1jAh0zQJ9TtDRb:tVg5tjVYzUKjY5u1jAF5V5l
Malware Config
Targets
-
-
Target
3a6e2de5b3de6e67229b11f6d74a4f9af70ccec85c2573a905df5a1f84a35446
-
Size
1.9MB
-
MD5
af724219e50ea816c9d03e89a05e31c0
-
SHA1
4ea66dbf0bdc79119d7674dfecaf135a4a6780a4
-
SHA256
0edb8931623d2f3d41415128c05d2431279e3eb979bcd2a96064e2b989bb7cb9
-
SHA512
42cb1e55a2f04ec1e941a110318fc44fd737d020aac8bd57f15747e2d3653945cda772f4376341feacfe58ddd3be5761e67bc210752ab8fe4b086cb721ba247c
-
SSDEEP
24576:Etb20pkaCqT5TBWgNjVYz0VTPIMeYyBMLlQjzCEzKJ9TtLzxwn1jAh0zQJ9TtDRb:tVg5tjVYzUKjY5u1jAF5V5l
Score10/10-
RevengeRAT
Remote-access trojan with a wide range of capabilities.
-
RevengeRat Executable
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-