revengerat | 6b04a84dd2ff70944c97604447866f11ce23135cafc357293dee242f868c3d22 | Triage

Sharing

General

Target

6b04a84dd2ff70944c97604447866f11ce23135cafc357293dee242f868c3d22
Size

14KB
Sample

220201-gk193shfcp
MD5

397ce65ec997ad65fbe35e70c6b3a56e
SHA1

4126038e3d3c996fcfa45041c5f0b2c23e70568f
SHA256

6b04a84dd2ff70944c97604447866f11ce23135cafc357293dee242f868c3d22
SHA512

7fcea73d801d36231c028113064549339387a8e172bd8143ce44c8a028ea6956692f326b7b1d9f4b44da3af2b20d077478af97d9d2b1ebb8073717f3b74e7f82

Score

10^/10

revengerat nyancatrevenge persistence

Malware Config

Extracted

Family

revengerat

Botnet

NyanCatRevenge

C2

127.0.0.1:333

Mutex

6b1f7d7016b54c3db

Targets

- Target
  
  6b04a84dd2ff70944c97604447866f11ce23135cafc357293dee242f868c3d22
- Size
  
  14KB
- MD5
  
  397ce65ec997ad65fbe35e70c6b3a56e
- SHA1
  
  4126038e3d3c996fcfa45041c5f0b2c23e70568f
- SHA256
  
  6b04a84dd2ff70944c97604447866f11ce23135cafc357293dee242f868c3d22
- SHA512
  
  7fcea73d801d36231c028113064549339387a8e172bd8143ce44c8a028ea6956692f326b7b1d9f4b44da3af2b20d077478af97d9d2b1ebb8073717f3b74e7f82
Score

8^/10

persistence
- Sets service image path in registry
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

nyancatrevengerevengerat

behavioral1

behavioral2