revengerat | d9507f342e1d1b97e33c8a4738dea70f502296d37581bc6270ccf56f15e05f22 | Triage

Submit
Reports

Overview

overview

Static

static

Quotation #01521.exe

windows7_x64

Quotation #01521.exe

windows10-2004_x64

1

Sharing

General

Target

d9507f342e1d1b97e33c8a4738dea70f502296d37581bc6270ccf56f15e05f22
Size

876KB
Sample

220221-lwn64sagc5
MD5

c2e1ba0f582c7fc12e31e23cc9e489c7
SHA1

ec8e7879ad9ebf55c34211e96ea0767bf28f2054
SHA256

d9507f342e1d1b97e33c8a4738dea70f502296d37581bc6270ccf56f15e05f22
SHA512

d8f32491f0fca821ab9b19fcb9a3095d7e02e5690ec5b407e5ce17d5bc9c1b9ba6a90e660fa39ba940b9cad56e06662eb3b008ffea1a5fbcb5b79f574d3346e2

Score

10^/10

revengerat 2021 persistence stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

Quotation #01521.exe

Resource

win7-en-20211208

revengerat 2021 persistence stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Quotation #01521.exe

Resource

win10v2004-en-20220112

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

revengerat

Botnet

2021

C2

chongmei33.myddns.rocks:57438

37.120.208.40:57438

Mutex

RV_MUTEX-ITXZMONFueOciqX

Targets

- Target
  
  Quotation #01521.exe
- Size
  
  816KB
- MD5
  
  73619a5f7eab7a80e0fbbd5c8493c9b4
- SHA1
  
  84db67126574c21ef3233518452876ad123b4aa1
- SHA256
  
  7a538b979c2a126fb287ed7bbb18ac55687273dfbac2c09de85f073c9bf5e3df
- SHA512
  
  b92f4239da62411edcbf2378e67e28a307752f1b55d5977527e83069630a5d9894bb4f7138473da42f183b6fc5cdcb334aff76805acbae6908b35ed8716940c4
Score

10^/10

revengerat 2021 persistence stealer trojan
- RevengeRAT
  Remote-access trojan with a wide range of capabilities.
  trojan revengerat
- RevengeRat Executable
  stealer
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

revengerat2021persistencestealertrojan

behavioral2

© 2018-2024

Terms | Privacy