revengerat | efaea496cea6913f0849f5589ab5765c80d1c25cc1a9c4d657476e9cc126c21c | Triage

Sharing

General

Target

efaea496cea6913f0849f5589ab5765c80d1c25cc1a9c4d657476e9cc126c21c
Size

16KB
Sample

220205-j4hyyshfbq
MD5

929080db6de665b4e9304408284ba440
SHA1

732273b4443fbeadbc9ac468850c8874318eb12c
SHA256

efaea496cea6913f0849f5589ab5765c80d1c25cc1a9c4d657476e9cc126c21c
SHA512

5f2da378f95d6b23ec3f9392a50381873ded7e3576c02498df1f88e7e6abc65a006cdb6b42fdfdbef8dd962df1364442585f4f000e200e915496ba6c2c07286e

Score

10^/10

revengerat ra3d persistence stealer

Malware Config

Extracted

Family

revengerat

Botnet

RA3D

C2

aldery.linkpc.net:5552

Mutex

RV_MUTEX

Targets

- Target
  
  efaea496cea6913f0849f5589ab5765c80d1c25cc1a9c4d657476e9cc126c21c
- Size
  
  16KB
- MD5
  
  929080db6de665b4e9304408284ba440
- SHA1
  
  732273b4443fbeadbc9ac468850c8874318eb12c
- SHA256
  
  efaea496cea6913f0849f5589ab5765c80d1c25cc1a9c4d657476e9cc126c21c
- SHA512
  
  5f2da378f95d6b23ec3f9392a50381873ded7e3576c02498df1f88e7e6abc65a006cdb6b42fdfdbef8dd962df1364442585f4f000e200e915496ba6c2c07286e
Score

8^/10

persistence
- Sets service image path in registry
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

stealerra3drevengerat

behavioral1

behavioral2