revengerat | 58f1865d2fb00775add6c9d34aa504118bc962e08fba8fb79b288515320ef933 | Triage

Sharing

General

Target

58f1865d2fb00775add6c9d34aa504118bc962e08fba8fb79b288515320ef933
Size

14KB
Sample

220201-p5m7ysadh5
MD5

5af816857d86e350c868aef711b58d9d
SHA1

7704f252ef8256b8e1c64d5f521c326302c2c6d7
SHA256

58f1865d2fb00775add6c9d34aa504118bc962e08fba8fb79b288515320ef933
SHA512

7bf1fa475bfb90a3a5f7a576b44b93ed258b81a670a7cd80738ef106b9f92a7f96cca47f2d4d7af700d049928a72756f657a7e5c9d9f8321ee94b896c9d1c54d

Score

10^/10

revengerat nyancatrevenge persistence

Malware Config

Extracted

Family

revengerat

Botnet

NyanCatRevenge

C2

r3dc0d3r.duckdns.org:12301

Mutex

992e739ce3ff411a8d5

Targets

- Target
  
  58f1865d2fb00775add6c9d34aa504118bc962e08fba8fb79b288515320ef933
- Size
  
  14KB
- MD5
  
  5af816857d86e350c868aef711b58d9d
- SHA1
  
  7704f252ef8256b8e1c64d5f521c326302c2c6d7
- SHA256
  
  58f1865d2fb00775add6c9d34aa504118bc962e08fba8fb79b288515320ef933
- SHA512
  
  7bf1fa475bfb90a3a5f7a576b44b93ed258b81a670a7cd80738ef106b9f92a7f96cca47f2d4d7af700d049928a72756f657a7e5c9d9f8321ee94b896c9d1c54d
Score

8^/10

persistence
- Sets service image path in registry
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

nyancatrevengerevengerat

behavioral1

behavioral2