General
-
Target
3e6ccd18e4c73a47788808a13edf414283cd929976e64b8900e3b50b2a3429c3N
-
Size
1.5MB
-
Sample
241003-1pw1pssara
-
MD5
391c9e6772aaabdf4ba72676f257a510
-
SHA1
dfd29eca965d42b4a53476bfc551db21314b2721
-
SHA256
3e6ccd18e4c73a47788808a13edf414283cd929976e64b8900e3b50b2a3429c3
-
SHA512
7acb16c3361d34b63b1e711090867bebe8c5b1a491a7a809b46b6c6f6e8d6f4c4575eb7128e1b6394e56be9e38327e0552e3dd4149d9204897b887a86bbac7ba
-
SSDEEP
24576:+q5TfcdHj4fmb22qOjzKJ9Ttrd0IT7fify/jdfcFzQJ9TtFM6VRAjdMgF:+UTsamixd5Vjd75+jdF
Malware Config
Targets
-
-
Target
3e6ccd18e4c73a47788808a13edf414283cd929976e64b8900e3b50b2a3429c3N
-
Size
1.5MB
-
MD5
391c9e6772aaabdf4ba72676f257a510
-
SHA1
dfd29eca965d42b4a53476bfc551db21314b2721
-
SHA256
3e6ccd18e4c73a47788808a13edf414283cd929976e64b8900e3b50b2a3429c3
-
SHA512
7acb16c3361d34b63b1e711090867bebe8c5b1a491a7a809b46b6c6f6e8d6f4c4575eb7128e1b6394e56be9e38327e0552e3dd4149d9204897b887a86bbac7ba
-
SSDEEP
24576:+q5TfcdHj4fmb22qOjzKJ9Ttrd0IT7fify/jdfcFzQJ9TtFM6VRAjdMgF:+UTsamixd5Vjd75+jdF
Score10/10-
RevengeRAT
Remote-access trojan with a wide range of capabilities.
-
RevengeRat Executable
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-