Overview

overview

10

Static

static

10

e3BusHrt.exe

windows7_x64

1

e3BusHrt.exe

windows10_x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e3BusHrt.exe

  • Size

    17KB

  • Sample

    201120-yd568lg26e

  • MD5

    828488ed41ef4e46c56184fbd72b03e5

  • SHA1

    a8f8b1c9ac1fef1574593dd8855c697b9daf7e5c

  • SHA256

    ac610045393947ca964d28f15807b623953c07614539b724af3aad7902c53833

  • SHA512

    d9de5e0b9f236bf577f801e8c7485bf5869fa07ff8f473d8d191a8782ccf8669352974be206f21eb80dff3a2e8b9e9f13300fb668f87d8bd3adcfdc085c1f3ff

Score
10/10
revengeratlavdachutstealer

Malware Config

Extracted

Family

revengerat

Botnet

lavdachut

C2

xzim-57334.portmap.io:57334

Mutex

RV_MUTEX

Targets

    • Target

      e3BusHrt.exe

    • Size

      17KB

    • MD5

      828488ed41ef4e46c56184fbd72b03e5

    • SHA1

      a8f8b1c9ac1fef1574593dd8855c697b9daf7e5c

    • SHA256

      ac610045393947ca964d28f15807b623953c07614539b724af3aad7902c53833

    • SHA512

      d9de5e0b9f236bf577f801e8c7485bf5869fa07ff8f473d8d191a8782ccf8669352974be206f21eb80dff3a2e8b9e9f13300fb668f87d8bd3adcfdc085c1f3ff

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks