revengerat | e8ed5bf699f7d13179554d298bfad8598f1dd24f7a25fff55968a3b939c3f21b | Triage

Sharing

General

Target

e8ed5bf699f7d13179554d298bfad8598f1dd24f7a25fff55968a3b939c3f21b
Size

16KB
Sample

220201-dl2epagce9
MD5

4a7d34b6fefe7959672ccfbf435c4162
SHA1

0088242024303413da4de8fcb48782ab779c2f3c
SHA256

e8ed5bf699f7d13179554d298bfad8598f1dd24f7a25fff55968a3b939c3f21b
SHA512

5ff1e78a982579af646b3591d6a355f5618ddde936dfe1511013364396bb248a2afd6d85ab66bc51b6a23cadc899844fefed496aa28519a44da698efe9638be3

Score

10^/10

revengerat ra3d persistence stealer

Malware Config

Extracted

Family

revengerat

Botnet

RA3D

C2

192.168.1.21:4444

Mutex

RV_MUTEX

Targets

- Target
  
  e8ed5bf699f7d13179554d298bfad8598f1dd24f7a25fff55968a3b939c3f21b
- Size
  
  16KB
- MD5
  
  4a7d34b6fefe7959672ccfbf435c4162
- SHA1
  
  0088242024303413da4de8fcb48782ab779c2f3c
- SHA256
  
  e8ed5bf699f7d13179554d298bfad8598f1dd24f7a25fff55968a3b939c3f21b
- SHA512
  
  5ff1e78a982579af646b3591d6a355f5618ddde936dfe1511013364396bb248a2afd6d85ab66bc51b6a23cadc899844fefed496aa28519a44da698efe9638be3
Score

8^/10

persistence
- Sets service image path in registry
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

stealerra3drevengerat

behavioral1

behavioral2