revengerat | e6eda9918b257e317e921d294b903f9488929fe7ef2efc0955bd141d19e15855 | Triage

Submit
Reports

Overview

overview

Static

static

e6eda9918b...55.exe

windows7_x64

e6eda9918b...55.exe

windows10-2004_x64

8

Sharing

General

Target

e6eda9918b257e317e921d294b903f9488929fe7ef2efc0955bd141d19e15855
Size

17KB
Sample

220201-dnjmnafgfl
MD5

64c4cdba4768bc1ad90f0061037d4328
SHA1

411b304ae5aac0e7fe27bd17b8c50f081bca3654
SHA256

e6eda9918b257e317e921d294b903f9488929fe7ef2efc0955bd141d19e15855
SHA512

591c8a5613c7888199adf80bce31141a77a0ce9cb260d96a5dd8d40dfd764ebaa9846fa9020cee19c2766685cbbf7d28c57007888076bb03c0dcaec83ad60f50

Score

10^/10

revengerat 2sp force dz persistence stealer trojan

Static task

static1

stealer 2sp force dz revengerat

Behavioral task

behavioral1

Sample

e6eda9918b257e317e921d294b903f9488929fe7ef2efc0955bd141d19e15855.exe

Resource

win7-en-20211208

revengerat 2sp force dz persistence stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

e6eda9918b257e317e921d294b903f9488929fe7ef2efc0955bd141d19e15855.exe

Resource

win10v2004-en-20220112

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

revengerat

Botnet

2SP Force DZ

C2

imaneblueyesvpn.ddns.net:333

Mutex

RV_MUTEX-jpnFwUnoWrUUg

Targets

- Target
  
  e6eda9918b257e317e921d294b903f9488929fe7ef2efc0955bd141d19e15855
- Size
  
  17KB
- MD5
  
  64c4cdba4768bc1ad90f0061037d4328
- SHA1
  
  411b304ae5aac0e7fe27bd17b8c50f081bca3654
- SHA256
  
  e6eda9918b257e317e921d294b903f9488929fe7ef2efc0955bd141d19e15855
- SHA512
  
  591c8a5613c7888199adf80bce31141a77a0ce9cb260d96a5dd8d40dfd764ebaa9846fa9020cee19c2766685cbbf7d28c57007888076bb03c0dcaec83ad60f50
Score

10^/10

revengerat 2sp force dz persistence stealer trojan
- RevengeRAT
  Remote-access trojan with a wide range of capabilities.
  trojan revengerat
- RevengeRat Executable
  stealer
- Executes dropped EXE
- Sets service image path in registry
  persistence
- Drops startup file
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

stealer2sp force dzrevengerat

behavioral1

revengerat2sp force dzpersistencestealertrojan

behavioral2

© 2018-2024

Terms | Privacy