General
-
Target
ccfcd88a55fd550f63d8ba2c045c08522ec1b3815b22bac3d2ddaf1d392e35bbN.exe
-
Size
1.4MB
-
Sample
250117-jey9msxnem
-
MD5
e636d53502c191b8822f7ac4ca2be6f0
-
SHA1
3df3c3cdd41a41d8c9c8091200cdace4dc1cd49f
-
SHA256
ccfcd88a55fd550f63d8ba2c045c08522ec1b3815b22bac3d2ddaf1d392e35bb
-
SHA512
3e3be0f83c452b6102e57a67663b01eabf169e2e5af4bb6065bb4118c8a7935d6028573f9b0b6b9ca35182aae301447ec1e5d632e3c4a0c70a245a89dea5c87f
-
SSDEEP
24576:Bq5TfcdHj4fmb9Ve9y2qYmIMeYyBMLVzjrKEzKJ9TtL3/7/ij+O0zQJ9TtD5lG:BUTsamC9yxVjw53ij+252
Malware Config
Targets
-
-
Target
ccfcd88a55fd550f63d8ba2c045c08522ec1b3815b22bac3d2ddaf1d392e35bbN.exe
-
Size
1.4MB
-
MD5
e636d53502c191b8822f7ac4ca2be6f0
-
SHA1
3df3c3cdd41a41d8c9c8091200cdace4dc1cd49f
-
SHA256
ccfcd88a55fd550f63d8ba2c045c08522ec1b3815b22bac3d2ddaf1d392e35bb
-
SHA512
3e3be0f83c452b6102e57a67663b01eabf169e2e5af4bb6065bb4118c8a7935d6028573f9b0b6b9ca35182aae301447ec1e5d632e3c4a0c70a245a89dea5c87f
-
SSDEEP
24576:Bq5TfcdHj4fmb9Ve9y2qYmIMeYyBMLVzjrKEzKJ9TtL3/7/ij+O0zQJ9TtD5lG:BUTsamC9yxVjw53ij+252
Score10/10-
RevengeRAT
Remote-access trojan with a wide range of capabilities.
-
Revengerat family
-
RevengeRat Executable
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-