Extracted

• • Target

    acec05fb087440c24b6ac8a15051b8fc7fdfd92bdf458b165e1e19265395b595.exe

  • Size

    17KB

  • MD5

    af48897e401a79baf8086585c18cf8fe

  • SHA1

    44e9a2699d07cbba45493000287ab5dfbe86df77

  • SHA256

    acec05fb087440c24b6ac8a15051b8fc7fdfd92bdf458b165e1e19265395b595

  • SHA512

    c65d348d3225e86909e33e9ef9717be72ea7f934b673f82748907f927c459c39e739dcb3ebcfc029b3fdd81d7a528cd2a025d01b28ded04a604a6375b13b8ea1

  • SSDEEP

    192:NWnNnAi9HEsjSXOLqaJN5MoiwH7abHG+jR9nsVVI+2ky0C+2c:NWnJ9HaOEoiwH7ab9sVK+2ky0C+2c

  Score

  10^/10

  revengeratstealertrojan

  • RevengeRAT

    Remote-access trojan with a wide range of capabilities.

    trojanrevengerat

  • RevengeRat Executable

    stealer

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Drops startup file

  • Executes dropped EXE

  • Uses the VBS compiler for execution

  behavioral1behavioral2