General
-
Target
LisectAVT_2403002B_51.exe
-
Size
1.1MB
-
Sample
240725-b1tmaatbrc
-
MD5
27cbd5d7725f56a0363c0b77148d27a5
-
SHA1
ac1b227624b87cd5fb8e7dcc3aca6d9fb503345f
-
SHA256
a202cfd031824705d38f624c23940126edf58c541d496a84eee7fbc13dde7d8d
-
SHA512
756038f61df386efa1290484906f35ed6d72d809dca4aac787f13f1a4110c52072eca0ce160884624665c5834d91d50e8153e8ae46cf76714adb8b97b8d645fc
-
SSDEEP
24576:mq5TfcdHj4fmbi2q+0MmV0VMXeyrtoT1GokHTQoCwsC+:mUTsamOx9RoBVoCw
Malware Config
Targets
-
-
Target
LisectAVT_2403002B_51.exe
-
Size
1.1MB
-
MD5
27cbd5d7725f56a0363c0b77148d27a5
-
SHA1
ac1b227624b87cd5fb8e7dcc3aca6d9fb503345f
-
SHA256
a202cfd031824705d38f624c23940126edf58c541d496a84eee7fbc13dde7d8d
-
SHA512
756038f61df386efa1290484906f35ed6d72d809dca4aac787f13f1a4110c52072eca0ce160884624665c5834d91d50e8153e8ae46cf76714adb8b97b8d645fc
-
SSDEEP
24576:mq5TfcdHj4fmbi2q+0MmV0VMXeyrtoT1GokHTQoCwsC+:mUTsamOx9RoBVoCw
Score10/10-
RevengeRAT
Remote-access trojan with a wide range of capabilities.
-
RevengeRat Executable
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-