General
-
Target
43a2a6b018663421f24500b1ec5d9b4acbe1079eb1aff150c942362eef63e8bbN
-
Size
1.3MB
-
Sample
241109-wdfr5ayhlr
-
MD5
9c99e626dc35444077a3682e043bef30
-
SHA1
97d31f72832e3802392e5eb1c809a728e927f31d
-
SHA256
43a2a6b018663421f24500b1ec5d9b4acbe1079eb1aff150c942362eef63e8bb
-
SHA512
2e6fcc3e3119adbd2371e0f5ec95b6cf64210ed0b7036a288fcf313d8c4df3a4775f554cc49880ba3b64eb7dccf151fd28e3be5243d04a2847ecaaee720e8d25
-
SSDEEP
24576:5q5TfcdHj4fmbYs2qPIVf3+2/0dNGby6z3JLUOXxA9yozBF0:5UTsamXxwf3+2/MNGCOXxAg
Behavioral task
behavioral1
Sample
43a2a6b018663421f24500b1ec5d9b4acbe1079eb1aff150c942362eef63e8bbN.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
43a2a6b018663421f24500b1ec5d9b4acbe1079eb1aff150c942362eef63e8bbN.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
43a2a6b018663421f24500b1ec5d9b4acbe1079eb1aff150c942362eef63e8bbN
-
Score
10/10
-
Revengerat family
-
RevengeRat Executable
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-