revengerat | aefe98d28b0d368c94c1102e615811b1d9825373d86e5a0031d0b41f2452bfb8 | Triage

Submit
Reports

Overview

overview

Static

static

aefe98d28b...b8.exe

windows7_x64

aefe98d28b...b8.exe

windows10-2004_x64

Sharing

General

Target

aefe98d28b0d368c94c1102e615811b1d9825373d86e5a0031d0b41f2452bfb8
Size

355KB
Sample

220309-b4fvlaeghp
MD5

e73a78c29a9791b574a3ff41bf290cfb
SHA1

a974b4b7d2f0b0d4366123c0a591327b6108e6d8
SHA256

aefe98d28b0d368c94c1102e615811b1d9825373d86e5a0031d0b41f2452bfb8
SHA512

69ba2a63a6bd0e125ac2e13e8c7571c08f0b6d1a0fe1e5670346c4cf16dd74b179f181aad4064f656ce092f8ca105b221dd3d4c423c32eccc649755e4ed1b0a4

Score

10^/10

revengerat be ly stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

aefe98d28b0d368c94c1102e615811b1d9825373d86e5a0031d0b41f2452bfb8.exe

Resource

win7-en-20211208

revengerat be ly stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

aefe98d28b0d368c94c1102e615811b1d9825373d86e5a0031d0b41f2452bfb8.exe

Resource

win10v2004-en-20220113

revengerat be ly stealer trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

revengerat

Botnet

be ly

C2

hohoangpmy.ddns.net:1177

Mutex

RV_MUTEX-eawrHJfWfhaRCl

Targets

- Target
  
  aefe98d28b0d368c94c1102e615811b1d9825373d86e5a0031d0b41f2452bfb8
- Size
  
  355KB
- MD5
  
  e73a78c29a9791b574a3ff41bf290cfb
- SHA1
  
  a974b4b7d2f0b0d4366123c0a591327b6108e6d8
- SHA256
  
  aefe98d28b0d368c94c1102e615811b1d9825373d86e5a0031d0b41f2452bfb8
- SHA512
  
  69ba2a63a6bd0e125ac2e13e8c7571c08f0b6d1a0fe1e5670346c4cf16dd74b179f181aad4064f656ce092f8ca105b221dd3d4c423c32eccc649755e4ed1b0a4
Score

10^/10

revengerat be ly stealer trojan
- RevengeRAT
  Remote-access trojan with a wide range of capabilities.
  trojan revengerat
- RevengeRat Executable
  stealer
- Executes dropped EXE
- Drops startup file
- Loads dropped DLL
- Uses the VBS compiler for execution
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

revengeratbe lystealertrojan

behavioral2

revengeratbe lystealertrojan

© 2018-2024

Terms | Privacy