General
-
Target
0e2aec711565719376bc60bcea8fa5c94e640bdf89671dc6c0d08129b6af08c5
-
Size
1.4MB
-
Sample
250311-ykvkzasny6
-
MD5
8d4272bb85d4d830ae700da174950292
-
SHA1
3e76b3fc0e2ff41765ec06ad18ba4f25cb282818
-
SHA256
0e2aec711565719376bc60bcea8fa5c94e640bdf89671dc6c0d08129b6af08c5
-
SHA512
68a7415cbd6bf7af9f10a80292f4914395e539b5d9e7f6880b7e8258ffac6308de6f6bc808be9ebcb6b0d79c9025a6053cc68049533e5cddff034b8149ccaa36
-
SSDEEP
24576:pq5TfcdHj4fmbz2qp0smVkVMyTmXqvEzKJ9TtLb6OqX8N70zQJ9TtDCZ6:pUTsamPxwXs5KX8B57
Malware Config
Targets
-
-
Target
0e2aec711565719376bc60bcea8fa5c94e640bdf89671dc6c0d08129b6af08c5
-
Size
1.4MB
-
MD5
8d4272bb85d4d830ae700da174950292
-
SHA1
3e76b3fc0e2ff41765ec06ad18ba4f25cb282818
-
SHA256
0e2aec711565719376bc60bcea8fa5c94e640bdf89671dc6c0d08129b6af08c5
-
SHA512
68a7415cbd6bf7af9f10a80292f4914395e539b5d9e7f6880b7e8258ffac6308de6f6bc808be9ebcb6b0d79c9025a6053cc68049533e5cddff034b8149ccaa36
-
SSDEEP
24576:pq5TfcdHj4fmbz2qp0smVkVMyTmXqvEzKJ9TtLb6OqX8N70zQJ9TtDCZ6:pUTsamPxwXs5KX8B57
Score10/10-
RevengeRAT
Remote-access trojan with a wide range of capabilities.
-
Revengerat family
-
RevengeRat Executable
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-