revengerat | e1552429cfd87856478c497f2d6fa7e175a140f5b882019fcce39a5557092578 | Triage

Sharing

General

Target

e1552429cfd87856478c497f2d6fa7e175a140f5b882019fcce39a5557092578
Size

24KB
Sample

220201-dzcy9afhhn
MD5

ad77a8691c73e3996354b302d949882f
SHA1

914d261314bb06233158d2ce8abc8d3fe14c77b3
SHA256

e1552429cfd87856478c497f2d6fa7e175a140f5b882019fcce39a5557092578
SHA512

b8fdf9bcf5511e17bc89e420c90858a0dfe65b775fa493e36663f69f4b426247edd18cdb46fadaacc03d980a6685ad24dd47678867fb96d90906d218282936c8

Score

10^/10

revengerat nyancatrevenge persistence

Malware Config

Extracted

Family

revengerat

Botnet

NyanCatRevenge

C2

101.98.203.110:6969

Mutex

321cb3d50a584c4

Targets

- Target
  
  e1552429cfd87856478c497f2d6fa7e175a140f5b882019fcce39a5557092578
- Size
  
  24KB
- MD5
  
  ad77a8691c73e3996354b302d949882f
- SHA1
  
  914d261314bb06233158d2ce8abc8d3fe14c77b3
- SHA256
  
  e1552429cfd87856478c497f2d6fa7e175a140f5b882019fcce39a5557092578
- SHA512
  
  b8fdf9bcf5511e17bc89e420c90858a0dfe65b775fa493e36663f69f4b426247edd18cdb46fadaacc03d980a6685ad24dd47678867fb96d90906d218282936c8
Score

8^/10

persistence
- Sets service image path in registry
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

nyancatrevengerevengerat

behavioral1

behavioral2