revengerat | 2c59fdaaa82b41789e1a99f7d818b543ed1333c140c3563a93a5a0fecd7ce8b1 | Triage

Submit
Reports

Overview

overview

Static

static

2c59fdaaa8...b1.exe

windows7_x64

2c59fdaaa8...b1.exe

windows10-2004_x64

1

Sharing

General

Target

2c59fdaaa82b41789e1a99f7d818b543ed1333c140c3563a93a5a0fecd7ce8b1
Size

125KB
Sample

220201-jlf2msback
MD5

63de83a16c0bcd7397ce60a5b35c6324
SHA1

c874069425deced7df4593ceb869382068c562a8
SHA256

2c59fdaaa82b41789e1a99f7d818b543ed1333c140c3563a93a5a0fecd7ce8b1
SHA512

0f9dae80122ac2e7b90672ab87acc38073ec22c9857316007c4e91a66a7d95387d8cf9f4fa376d42d52616b28176a48e35f12ca919c4498e277cc3069cbcabd9

Score

10^/10

revengerat guest stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

2c59fdaaa82b41789e1a99f7d818b543ed1333c140c3563a93a5a0fecd7ce8b1.exe

Resource

win7-en-20211208

revengerat guest stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

2c59fdaaa82b41789e1a99f7d818b543ed1333c140c3563a93a5a0fecd7ce8b1.exe

Resource

win10v2004-en-20220113

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

revengerat

Botnet

Guest

C2

lapoire2.hopto.org:333

Mutex

RV_MUTEX-DxjEexVoqqNL

Targets

- Target
  
  2c59fdaaa82b41789e1a99f7d818b543ed1333c140c3563a93a5a0fecd7ce8b1
- Size
  
  125KB
- MD5
  
  63de83a16c0bcd7397ce60a5b35c6324
- SHA1
  
  c874069425deced7df4593ceb869382068c562a8
- SHA256
  
  2c59fdaaa82b41789e1a99f7d818b543ed1333c140c3563a93a5a0fecd7ce8b1
- SHA512
  
  0f9dae80122ac2e7b90672ab87acc38073ec22c9857316007c4e91a66a7d95387d8cf9f4fa376d42d52616b28176a48e35f12ca919c4498e277cc3069cbcabd9
Score

10^/10

revengerat guest stealer trojan
- RevengeRAT
  Remote-access trojan with a wide range of capabilities.
  trojan revengerat
- RevengeRat Executable
  stealer
- Drops startup file
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

revengeratgueststealertrojan

behavioral2

© 2018-2024

Terms | Privacy