revengerat | dcccd5e29b6209cec0a993bfa4e23c5635bf2edecf3cc3102b12ae1771e33eda | Triage

Sharing

General

Target

dcccd5e29b6209cec0a993bfa4e23c5635bf2edecf3cc3102b12ae1771e33eda
Size

16KB
Sample

220201-d3f53sgfa7
MD5

ac364d705c3202a741f48eff258e0338
SHA1

75a0eef72f700bce8a582feb570d2156bc79bb64
SHA256

dcccd5e29b6209cec0a993bfa4e23c5635bf2edecf3cc3102b12ae1771e33eda
SHA512

7046d13649566234d10172910475a901a67681a30e59722339c30563887a9de05db25af1ac1729796f0bcc18956f55151b287aab5b0e6a5b2b7ffd6162b798fe

Score

10^/10

revengerat guest persistence stealer

Malware Config

Extracted

Family

revengerat

Botnet

Guest

C2

101.98.203.110:6969

Mutex

RV_MUTEX-eawrHJfWfhaRCl

Targets

- Target
  
  dcccd5e29b6209cec0a993bfa4e23c5635bf2edecf3cc3102b12ae1771e33eda
- Size
  
  16KB
- MD5
  
  ac364d705c3202a741f48eff258e0338
- SHA1
  
  75a0eef72f700bce8a582feb570d2156bc79bb64
- SHA256
  
  dcccd5e29b6209cec0a993bfa4e23c5635bf2edecf3cc3102b12ae1771e33eda
- SHA512
  
  7046d13649566234d10172910475a901a67681a30e59722339c30563887a9de05db25af1ac1729796f0bcc18956f55151b287aab5b0e6a5b2b7ffd6162b798fe
Score

8^/10

persistence
- Sets service image path in registry
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

stealerguestrevengerat

behavioral1

behavioral2