Overview

overview

10

Static

static

10

2503591813...55.exe

windows7_x64

10

2503591813...55.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2503591813db469e7a22ecdfc233b7e91a85821c6f2beaf05e406f722dae2e55

  • Size

    70KB

  • Sample

    220418-m29wfacdep

  • MD5

    407b61f6bd7985c856ba370dde95daee

  • SHA1

    45023210e16863ce86957c11178eca2f7a9a184c

  • SHA256

    2503591813db469e7a22ecdfc233b7e91a85821c6f2beaf05e406f722dae2e55

  • SHA512

    511ff1d524ce06dfbc9f32283b0c2e9a7068a01d8cc6bbe6a70980661fc8a377c0d4241251516d6c3c01fd1113e595fa319f9e53ca0c93574a180d7bdec071a2

Score
10/10
revengeratpersistencestealertrojan

Malware Config

Targets

    • Target

      2503591813db469e7a22ecdfc233b7e91a85821c6f2beaf05e406f722dae2e55

    • Size

      70KB

    • MD5

      407b61f6bd7985c856ba370dde95daee

    • SHA1

      45023210e16863ce86957c11178eca2f7a9a184c

    • SHA256

      2503591813db469e7a22ecdfc233b7e91a85821c6f2beaf05e406f722dae2e55

    • SHA512

      511ff1d524ce06dfbc9f32283b0c2e9a7068a01d8cc6bbe6a70980661fc8a377c0d4241251516d6c3c01fd1113e595fa319f9e53ca0c93574a180d7bdec071a2

    Score
    10/10
    revengeratpersistencestealertrojan

    • RevengeRAT

      Remote-access trojan with a wide range of capabilities.

      trojanrevengerat

    • RevengeRat Executable

      stealer

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks