General
-
Target
acec05fb087440c24b6ac8a15051b8fc7fdfd92bdf458b165e1e19265395b595.exe
-
Size
17KB
-
Sample
241001-rwce7sthkr
-
MD5
af48897e401a79baf8086585c18cf8fe
-
SHA1
44e9a2699d07cbba45493000287ab5dfbe86df77
-
SHA256
acec05fb087440c24b6ac8a15051b8fc7fdfd92bdf458b165e1e19265395b595
-
SHA512
c65d348d3225e86909e33e9ef9717be72ea7f934b673f82748907f927c459c39e739dcb3ebcfc029b3fdd81d7a528cd2a025d01b28ded04a604a6375b13b8ea1
-
SSDEEP
192:NWnNnAi9HEsjSXOLqaJN5MoiwH7abHG+jR9nsVVI+2ky0C+2c:NWnJ9HaOEoiwH7ab9sVK+2ky0C+2c
Behavioral task
behavioral1
Sample
acec05fb087440c24b6ac8a15051b8fc7fdfd92bdf458b165e1e19265395b595.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
acec05fb087440c24b6ac8a15051b8fc7fdfd92bdf458b165e1e19265395b595.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
revengerat
Guest
tzii.myq-see.com:888
RV_MUTEX-IUnoWrUUgHRHXJv
Targets
Target
acec05fb087440c24b6ac8a15051b8fc7fdfd92bdf458b165e1e19265395b595.exe
-
Score
10/10
-
RevengeRat Executable
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Drops startup file
-
Executes dropped EXE
-
Uses the VBS compiler for execution
-