revengerat | 21d1f5d2ad4ac80ac110333403909a91fe7094a91dc822400768cf10f8b346ec | Triage

Sharing

General

Target

21d1f5d2ad4ac80ac110333403909a91fe7094a91dc822400768cf10f8b346ec
Size

14KB
Sample

220201-jtlbbsbbej
MD5

00190ddad2cd8b186011eee2a14d65f7
SHA1

7573de78610f28c6523bc6b8fc9c7813a5f8bb1d
SHA256

21d1f5d2ad4ac80ac110333403909a91fe7094a91dc822400768cf10f8b346ec
SHA512

0ec03a22fc632e319b52f01cd95f29afabdd46b83288e52ab7f234510e665a382c3fc241ecfee2e582c9f02cd26520017df3fca9842c14224ba8d2edf8ce9217

Score

10^/10

revengerat nyancatrevenge persistence

Malware Config

Extracted

Family

revengerat

Botnet

NyanCatRevenge

C2

127.0.0.1:3333

Mutex

a9e5c6418509

Targets

- Target
  
  21d1f5d2ad4ac80ac110333403909a91fe7094a91dc822400768cf10f8b346ec
- Size
  
  14KB
- MD5
  
  00190ddad2cd8b186011eee2a14d65f7
- SHA1
  
  7573de78610f28c6523bc6b8fc9c7813a5f8bb1d
- SHA256
  
  21d1f5d2ad4ac80ac110333403909a91fe7094a91dc822400768cf10f8b346ec
- SHA512
  
  0ec03a22fc632e319b52f01cd95f29afabdd46b83288e52ab7f234510e665a382c3fc241ecfee2e582c9f02cd26520017df3fca9842c14224ba8d2edf8ce9217
Score

8^/10

persistence
- Sets service image path in registry
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

nyancatrevengerevengerat

behavioral1

behavioral2