Extracted

• • Target

    0000003323677.js

  • Size

    253KB

  • MD5

    453bc0d9d84305bd4811c8c0c8622db6

  • SHA1

    85553506f2dc5abcec56a06cb36f69c0b046efa4

  • SHA256

    862502255d9fd9eb8f658e23f3833e7cd211514cb9f9a6a2853ae9858d3843f7

  • SHA512

    af6ef42e885481ae3bc0939017c8eb328531ea50d7eb852bd7b5b744a70d202e57f09f2671ab1553c05d4c53181973896c44109e7eb19f7fb0d087f697632d87

  • SSDEEP

    6144:p8t+pgvJENiy2BMs+1WKKL7EVLy19uQTuol9nv2RWoaAImBeN1PXY1qm:p8kpgvJENZ2JJLm

  Score

  10^/10

  revengeratnyancatrevengeexecutiontrojan

  • RevengeRAT

    Remote-access trojan with a wide range of capabilities.

    trojanrevengerat

  • Revengerat family

    revengerat

  • Blocklisted process makes network request

  • Command and Scripting Interpreter: PowerShell

    Run Powershell and hide display window.

    execution

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  behavioral1behavioral2