RevoltG[.]Installer[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

RevoltG.Installer.exe
Size

255KB
MD5

9bc5f7daf81f25fe323f597418787356
SHA1

66a2d69d03a9b724e02abd7ef8727e5f78223c3b
SHA256

f6907d05fcba84b9fef3f2b63f59f71ecb4165b055b34d3d13004c27f9581f4e
SHA512

7e77b938653069e112706e2401c48e6b1be99b9632ec34fc4b97b5e19cdb0c1ea3440bd3e10bc0b9b91bed452d5497a206673ae8a733a289a4e2258918b35f9d
SSDEEP

1536:aU6TEshkZOeyrbZIKm/XLx4MyLbd0+aTUIRXR+nPucbd0faTUIRXR+5YV/rF:aULshkZKrbZyXodkfJcRdjfJc5YVjF

Score

1^/10

Malware Config

Signatures

Files

RevoltG.Installer.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

01:e7:3d:10:24:bc:4d:84:4a:d3:47:a4:c2:13:8b:1c
Certificate

Issuer

CN=RevoltG

Not Before

30/11/2021, 17:00

Not After

31/12/2049, 17:00

Subject

CN=RevoltG

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29/03/2022, 00:00

Not After

14/03/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

4e:ba:68:9e:05:bd:09:ef:08:16:3d:03:48:7e:e3:fc:0f:a8:cf:85
Signer

Actual PE Digest

4e:ba:68:9e:05:bd:09:ef:08:16:3d:03:48:7e:e3:fc:0f:a8:cf:85

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\revoltg\installer\obj\Release\RevoltG.Installer.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

01:e7:3d:10:24:bc:4d:84:4a:d3:47:a4:c2:13:8b:1cCertificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9dCertificate

Extended Key Usages

Key Usages

4e:ba:68:9e:05:bd:09:ef:08:16:3d:03:48:7e:e3:fc:0f:a8:cf:85Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 136KB - Virtual size: 136KB

.rsrc Size: 113KB - Virtual size: 112KB

.reloc Size: 512B - Virtual size: 12B

01:e7:3d:10:24:bc:4d:84:4a:d3:47:a4:c2:13:8b:1c
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

4e:ba:68:9e:05:bd:09:ef:08:16:3d:03:48:7e:e3:fc:0f:a8:cf:85
Signer

.text
Size: 136KB - Virtual size: 136KB

.rsrc
Size: 113KB - Virtual size: 112KB

.reloc
Size: 512B - Virtual size: 12B