Extracted

• • Target

    07c41d727f11d4594a6591b644eff38c253e44d4cb908cecfdc66b36dae238e2.js

  • Size

    256KB

  • MD5

    d9502fb08720229c43e883d68c39258c

  • SHA1

    fd889a14456fd1f3a862e6b1d647049c0b63674c

  • SHA256

    07c41d727f11d4594a6591b644eff38c253e44d4cb908cecfdc66b36dae238e2

  • SHA512

    bbdc0c079953acc89e25a654445e36a3b4414b527d67137be752b5101562b12c01643a0468edd02ef30baebe9e3098419073f1ff0c7db512b1b57299e72ab7a2

  • SSDEEP

    6144:o0hOy97siZVxLcCIaqIgj2U1Ska535/KBsSTJ/cK144AGxayi7jcvB3zJFCIc:o0hO27siLxLWrpVM

  Score

  10^/10

  revengeratnyancatrevengeexecutiontrojan

  • RevengeRAT

    Remote-access trojan with a wide range of capabilities.

    trojanrevengerat

  • Revengerat family

    revengerat

  • Blocklisted process makes network request

  • Command and Scripting Interpreter: PowerShell

    Run Powershell and hide display window.

    execution

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  behavioral1behavioral2