General

  • Target

    588328b4886f345e3b63d5eac584a7b9

  • Size

    1.1MB

  • Sample

    201117-szjc3xz4xe

  • MD5

    30036eeda24148de4bf987d0d91cca1e

  • SHA1

    0655e1edf26f1823cdfcceaf641cc44bc7050f4e

  • SHA256

    86aecd7814e027482252ad833cb48974dd03fd463790bb2b7756520847269037

  • SHA512

    4a82292137244a1b3e47d08414ed4abc85cccdaba1577d1f06e4dc530a86ba77b26697ac9a66e26b5a4ae5442bf020dc597d6a4e18f0605086b5913d8da477d5

Malware Config

Extracted

  • Family

    revengerat

  • Botnet

    Guest

  • C2

    178.17.174.71:3310

  • Mutex

    RV_MUTEX-HxdYuaWVCGnhp

Targets

    • RevengeRAT

      Remote-access trojan with a wide range of capabilities.

    • RevengeRat Executable

    • Drops startup file

    • Suspicious use of SetThreadContext
