revengerat | 3b72fd533bb38633959f0ca2f60774a60b302b3d3455709608b087e30307b773 | Triage

Sharing

General

Target

3b72fd533bb38633959f0ca2f60774a60b302b3d3455709608b087e30307b773
Size

74KB
Sample

220502-rkcxlaghel
MD5

93d98128d44836c7b02c072ad97909b5
SHA1

2ff18c31d28022b6f4bab69e82a130c03fbdc32c
SHA256

3b72fd533bb38633959f0ca2f60774a60b302b3d3455709608b087e30307b773
SHA512

963fa94059e9937195225574d7917937a2313705b7dd9625e9f1045379ba65e0525d27a8835073e608782db16d0c99072513e13978e9c943922fee3298dae0ca

Score

10^/10

revengerat nyancatrevenge trojan

Malware Config

Extracted

Family

revengerat

Botnet

NyanCatRevenge

C2

travazap2.duckdns.org:2021

Mutex

3ddc53446da

Targets

- Target
  
  3b72fd533bb38633959f0ca2f60774a60b302b3d3455709608b087e30307b773
- Size
  
  74KB
- MD5
  
  93d98128d44836c7b02c072ad97909b5
- SHA1
  
  2ff18c31d28022b6f4bab69e82a130c03fbdc32c
- SHA256
  
  3b72fd533bb38633959f0ca2f60774a60b302b3d3455709608b087e30307b773
- SHA512
  
  963fa94059e9937195225574d7917937a2313705b7dd9625e9f1045379ba65e0525d27a8835073e608782db16d0c99072513e13978e9c943922fee3298dae0ca
Score

10^/10

revengerat nyancatrevenge trojan
- RevengeRAT
  Remote-access trojan with a wide range of capabilities.
  trojan revengerat
- Drops startup file
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

revengeratnyancatrevengetrojan

behavioral2