Overview

overview

10

Static

static

10

e38f7a1882...37.exe

windows7_x64

10

e38f7a1882...37.exe

windows10-2004_x64

10

Analysis

  • max time kernel
    164s
  • max time network
    183s
  • platform
    windows7_x64
  • resource
    win7-en-20211208
  • submitted
    19-02-2022 09:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    e38f7a1882ac64fab611b3be73fda7eece5fb9a6ea131b36985aa60a0988e937.exe

  • Size

    15KB

  • MD5

    b8448486361127d19646cd0a420ba047

  • SHA1

    5e50e5c076e3b0843afaf038a3dec777a6e84759

  • SHA256

    e38f7a1882ac64fab611b3be73fda7eece5fb9a6ea131b36985aa60a0988e937

  • SHA512

    caff3217b5563176f787bef7bb8864e67189b0ad0eda4f10f2d0e0ee18b966816f62f95f8b1c9ddd238bfa2f94b545c577c5e8b52f58d729eb7ca107f9b50494

Score
10/10
revengeratclienttrojan

Malware Config

Extracted

Family

revengerat

Botnet

Client

C2

bodmas01.zapto.org:7975

Mutex

SXDWCX2QPFGVQS2

Signatures

  • RevengeRAT

    Remote-access trojan with a wide range of capabilities.

    trojanrevengerat

Processes

  • C:\Users\Admin\AppData\Local\Temp\e38f7a1882ac64fab611b3be73fda7eece5fb9a6ea131b36985aa60a0988e937.exe
    "C:\Users\Admin\AppData\Local\Temp\e38f7a1882ac64fab611b3be73fda7eece5fb9a6ea131b36985aa60a0988e937.exe"
    1⤵
      PID:836

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/836-55-0x000007FEF4AC3000-0x000007FEF4AC4000-memory.dmp
      Filesize

      4KB

      Download
    • memory/836-56-0x0000000000A10000-0x0000000000A1A000-memory.dmp
      Filesize

      40KB

      Download
    • memory/836-57-0x000000001ADF0000-0x000000001ADF2000-memory.dmp
      Filesize

      8KB

      Download