Overview

overview

10

Static

static

ac31a6e33a...23.exe

windows7_x64

10

ac31a6e33a...23.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ac31a6e33a56b45bdd8cfd2adf58c123

  • Size

    210KB

  • Sample

    201214-h62h46h42n

  • MD5

    ac31a6e33a56b45bdd8cfd2adf58c123

  • SHA1

    2cb2aebfab91b987f6a820bbf91a15ea9855b937

  • SHA256

    8c61ba7b253707486b186d4cb87add887f6e0d47a82818a0c17f38a1283b28a8

  • SHA512

    51a96ceba6ef87a5e9e937648f2d85c535ff1a66ccbde6316485f967db672ac638ebddfb2f59e263b0429c43626fc93e7f779f080a18eec1d3311544d5773030

Score
10/10
revengeratnyancatrevengetrojan

Malware Config

Extracted

Family

revengerat

Botnet

NyanCatRevenge

C2

194.5.99.181:4452

Mutex

eac1ab2a222

Targets

    • Target

      ac31a6e33a56b45bdd8cfd2adf58c123

    • Size

      210KB

    • MD5

      ac31a6e33a56b45bdd8cfd2adf58c123

    • SHA1

      2cb2aebfab91b987f6a820bbf91a15ea9855b937

    • SHA256

      8c61ba7b253707486b186d4cb87add887f6e0d47a82818a0c17f38a1283b28a8

    • SHA512

      51a96ceba6ef87a5e9e937648f2d85c535ff1a66ccbde6316485f967db672ac638ebddfb2f59e263b0429c43626fc93e7f779f080a18eec1d3311544d5773030

    Score
    10/10
    revengeratnyancatrevengetrojan

    • RevengeRAT

      Remote-access trojan with a wide range of capabilities.

      trojanrevengerat

    • Executes dropped EXE

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks