revengerat | acec05fb087440c24b6ac8a15051b8fc7fdfd92bdf458b165e1e19265395b595 | Triage

Submit
Reports

Overview

overview

Static

static

file.exe

windows7_x64

file.exe

windows10_x64

Sharing

General

Target

file
Size

17KB
Sample

201109-93z22n6l42
MD5

af48897e401a79baf8086585c18cf8fe
SHA1

44e9a2699d07cbba45493000287ab5dfbe86df77
SHA256

acec05fb087440c24b6ac8a15051b8fc7fdfd92bdf458b165e1e19265395b595
SHA512

c65d348d3225e86909e33e9ef9717be72ea7f934b673f82748907f927c459c39e739dcb3ebcfc029b3fdd81d7a528cd2a025d01b28ded04a604a6375b13b8ea1

Score

10^/10

revengerat guest stealer trojan

Static task

static1

stealer guest revengerat

Behavioral task

behavioral1

Sample

file.exe

Resource

win7v20201028

revengerat guest stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

file.exe

Resource

win10v20201028

revengerat guest stealer trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

revengerat

Botnet

Guest

C2

tzii.myq-see.com:888

Mutex

RV_MUTEX-IUnoWrUUgHRHXJv

Targets

- Target
  
  file
- Size
  
  17KB
- MD5
  
  af48897e401a79baf8086585c18cf8fe
- SHA1
  
  44e9a2699d07cbba45493000287ab5dfbe86df77
- SHA256
  
  acec05fb087440c24b6ac8a15051b8fc7fdfd92bdf458b165e1e19265395b595
- SHA512
  
  c65d348d3225e86909e33e9ef9717be72ea7f934b673f82748907f927c459c39e739dcb3ebcfc029b3fdd81d7a528cd2a025d01b28ded04a604a6375b13b8ea1
Score

10^/10

revengerat guest stealer trojan
- RevengeRAT
  Remote-access trojan with a wide range of capabilities.
  trojan revengerat
- RevengeRat Executable
  stealer
- Executes dropped EXE
- Drops startup file
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

stealerguestrevengerat

behavioral1

revengeratgueststealertrojan

behavioral2

revengeratgueststealertrojan

© 2018-2024

Terms | Privacy