revengerat | 16c471d08b96936bdb1894c8fd1f17cbee466160e8cfceb9fce8addb62bfe86b | Triage

Sharing

General

Target

16c471d08b96936bdb1894c8fd1f17cbee466160e8cfceb9fce8addb62bfe86b
Size

169KB
Sample

201109-9vwb3nqy82
MD5

3025f57e53cc066a37af56d892d1630b
SHA1

161f9f1a796795e2f04140e19bdec301ea7297a8
SHA256

16c471d08b96936bdb1894c8fd1f17cbee466160e8cfceb9fce8addb62bfe86b
SHA512

03bb1eca6bd84b29bad7d78f986ef21487ed930fcb61e592a4d4aa2042ed4c595aac1a2f519cd2c92ca2f449835cbfc5a25b3a92d8c206eb3b1fff462595c652

Score

10^/10

revengerat persistence stealer trojan

Malware Config

Targets

- Target
  
  16c471d08b96936bdb1894c8fd1f17cbee466160e8cfceb9fce8addb62bfe86b
- Size
  
  169KB
- MD5
  
  3025f57e53cc066a37af56d892d1630b
- SHA1
  
  161f9f1a796795e2f04140e19bdec301ea7297a8
- SHA256
  
  16c471d08b96936bdb1894c8fd1f17cbee466160e8cfceb9fce8addb62bfe86b
- SHA512
  
  03bb1eca6bd84b29bad7d78f986ef21487ed930fcb61e592a4d4aa2042ed4c595aac1a2f519cd2c92ca2f449835cbfc5a25b3a92d8c206eb3b1fff462595c652
Score

10^/10

revengerat persistence stealer trojan
- RevengeRAT
  Remote-access trojan with a wide range of capabilities.
  trojan revengerat
- RevengeRat Executable
  stealer
- Executes dropped EXE
- Drops startup file
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

revengeratpersistencestealertrojan

behavioral2

revengeratpersistencestealertrojan