revengerat | 7cf5f989d475a9fdebafe36390676a09dfd74839780aaef4e05f049298b3a7b2 | Triage

Sharing

General

Target

7cf5f989d475a9fdebafe36390676a09dfd74839780aaef4e05f049298b3a7b2
Size

14KB
Sample

220201-f7pdcshddj
MD5

db6a4a660aaf8d2b6847b163a90270ff
SHA1

1cfbc790b0adb9da7dfc8e58f283eb1bfbffab82
SHA256

7cf5f989d475a9fdebafe36390676a09dfd74839780aaef4e05f049298b3a7b2
SHA512

6e4674c6e242e5bc2dc0e94c56003e39c98b020f371df6d4fa6f6b8375a009007f1669ada55a1f37e0216a0cd039c4475f9e4719866253608fd7e957746e6cd9

Score

10^/10

revengerat nyancatrevenge persistence

Malware Config

Extracted

Family

revengerat

Botnet

NyanCatRevenge

C2

hbankers77.ddns.net:8080

Mutex

626da5c0ac7c4a4fb3b

Targets

- Target
  
  7cf5f989d475a9fdebafe36390676a09dfd74839780aaef4e05f049298b3a7b2
- Size
  
  14KB
- MD5
  
  db6a4a660aaf8d2b6847b163a90270ff
- SHA1
  
  1cfbc790b0adb9da7dfc8e58f283eb1bfbffab82
- SHA256
  
  7cf5f989d475a9fdebafe36390676a09dfd74839780aaef4e05f049298b3a7b2
- SHA512
  
  6e4674c6e242e5bc2dc0e94c56003e39c98b020f371df6d4fa6f6b8375a009007f1669ada55a1f37e0216a0cd039c4475f9e4719866253608fd7e957746e6cd9
Score

8^/10

persistence
- Sets service image path in registry
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

nyancatrevengerevengerat

behavioral1

behavioral2