revengerat | ae53e7a0d59686d3684ed1e14bfee649f53a5fd369090d916a81f74091368b65 | Triage

Submit
Reports

Overview

overview

Static

static

43SjNv5s.exe

windows7_x64

43SjNv5s.exe

windows10_x64

7

Sharing

General

Target

43SjNv5s.exe
Size

21KB
Sample

201201-bfqa3ap92x
MD5

aa9f37ce187d4b4556807f49f57ca678
SHA1

d4c05259f35840e96232bc41e1bd14defc73988f
SHA256

ae53e7a0d59686d3684ed1e14bfee649f53a5fd369090d916a81f74091368b65
SHA512

1f0aed05bc5574f62f8cfe3bf586390dd98e25593f17b8178029fdbdaa96d819de758f0dbdc65ef2163478def9caeb0ac9fb4689c04e71156c4967496a965baa

Score

10^/10

revengerat guest spyware stealer trojan

Static task

static1

stealer guest revengerat

Behavioral task

behavioral1

Sample

43SjNv5s.exe

Resource

win7v20201028

revengerat guest spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

43SjNv5s.exe

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

revengerat

Botnet

Guest

C2

4.tcp.ngrok.io:13284

Mutex

RV_MUTEX-sawrHJfWfhaRClg

Targets

- Target
  
  43SjNv5s.exe
- Size
  
  21KB
- MD5
  
  aa9f37ce187d4b4556807f49f57ca678
- SHA1
  
  d4c05259f35840e96232bc41e1bd14defc73988f
- SHA256
  
  ae53e7a0d59686d3684ed1e14bfee649f53a5fd369090d916a81f74091368b65
- SHA512
  
  1f0aed05bc5574f62f8cfe3bf586390dd98e25593f17b8178029fdbdaa96d819de758f0dbdc65ef2163478def9caeb0ac9fb4689c04e71156c4967496a965baa
Score

10^/10

revengerat guest spyware stealer trojan
- RevengeRAT
  Remote-access trojan with a wide range of capabilities.
  trojan revengerat
- RevengeRat Executable
  stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

stealerguestrevengerat

behavioral1

revengeratguestspywarestealertrojan

behavioral2

© 2018-2024

Terms | Privacy