revengerat | bbd3ecd9e9671d94e8897980c4eb9391ae9cb444615ed9a93b8221ae8fa66790 | Triage

Submit
Reports

Overview

overview

Static

static

bbd3ecd9e9...90.exe

windows7_x64

bbd3ecd9e9...90.exe

windows10-2004_x64

8

Sharing

General

Target

bbd3ecd9e9671d94e8897980c4eb9391ae9cb444615ed9a93b8221ae8fa66790
Size

102KB
Sample

220201-etlvmsgebl
MD5

f6eec1317ece3ffb7c4916e224d9734d
SHA1

a3447ba9b83f30284c6d3effb45c31ad9d5f258f
SHA256

bbd3ecd9e9671d94e8897980c4eb9391ae9cb444615ed9a93b8221ae8fa66790
SHA512

36f13789fb55fc017c7cdbfe2eb3d8993fba913986f772a9ca096686256a10f4011a4af6b6187c2b45873d1e5fc00a993b1e5f9571a9609d967ad7be57e778d2

Score

10^/10

revengerat system persistence stealer trojan

Static task

static1

stealer system revengerat

Behavioral task

behavioral1

Sample

bbd3ecd9e9671d94e8897980c4eb9391ae9cb444615ed9a93b8221ae8fa66790.exe

Resource

win7-en-20211208

revengerat system persistence stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

bbd3ecd9e9671d94e8897980c4eb9391ae9cb444615ed9a93b8221ae8fa66790.exe

Resource

win10v2004-en-20220113

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

revengerat

Botnet

system

C2

47.100.84.12:55656

Mutex

RV_MUTEX-QZblRvZwfRtNH

Targets

- Target
  
  bbd3ecd9e9671d94e8897980c4eb9391ae9cb444615ed9a93b8221ae8fa66790
- Size
  
  102KB
- MD5
  
  f6eec1317ece3ffb7c4916e224d9734d
- SHA1
  
  a3447ba9b83f30284c6d3effb45c31ad9d5f258f
- SHA256
  
  bbd3ecd9e9671d94e8897980c4eb9391ae9cb444615ed9a93b8221ae8fa66790
- SHA512
  
  36f13789fb55fc017c7cdbfe2eb3d8993fba913986f772a9ca096686256a10f4011a4af6b6187c2b45873d1e5fc00a993b1e5f9571a9609d967ad7be57e778d2
Score

10^/10

revengerat system persistence stealer trojan
- RevengeRAT
  Remote-access trojan with a wide range of capabilities.
  trojan revengerat
- RevengeRat Executable
  stealer
- Executes dropped EXE
- Sets service image path in registry
  persistence
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

stealersystemrevengerat

behavioral1

revengeratsystempersistencestealertrojan

behavioral2

© 2018-2024

Terms | Privacy