revengerat | f57fff1b8acdee475b161ec1313452f0fe66077142fc677a63f7914a96890bae | Triage

Sharing

General

Target

f57fff1b8acdee475b161ec1313452f0fe66077142fc677a63f7914a96890bae
Size

17KB
Sample

220128-v1m92shcbj
MD5

cc3c73d81bf77fb2000685c7f6757f91
SHA1

ff58a06a482a643cc143d1f43e949cc7ce2f3966
SHA256

f57fff1b8acdee475b161ec1313452f0fe66077142fc677a63f7914a96890bae
SHA512

f9b6b5cb1451eacaef743252e60745eb4cc5d9d782f4e9219a07d2427058d9bc4198bd12f69140d71ad1c53dc687aea524eb682e791d6a4b8b364cd505a1a828

Score

10^/10

revengerat 4 stealer

Malware Config

Extracted

Family

revengerat

Botnet

4

C2

systen32.ddns.net:6000

office365update.duckdns.org:6000

Mutex

RV_MUTEX-WindowsUpdateSysten32

Targets

- Target
  
  f57fff1b8acdee475b161ec1313452f0fe66077142fc677a63f7914a96890bae
- Size
  
  17KB
- MD5
  
  cc3c73d81bf77fb2000685c7f6757f91
- SHA1
  
  ff58a06a482a643cc143d1f43e949cc7ce2f3966
- SHA256
  
  f57fff1b8acdee475b161ec1313452f0fe66077142fc677a63f7914a96890bae
- SHA512
  
  f9b6b5cb1451eacaef743252e60745eb4cc5d9d782f4e9219a07d2427058d9bc4198bd12f69140d71ad1c53dc687aea524eb682e791d6a4b8b364cd505a1a828
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

stealer4revengerat

behavioral1

behavioral2