revengerat | fd9f4bc99e7a969551c859d3da5dfd6c4151a20c9663619a4b14be7958c34e0e | Triage

Submit
Reports

Overview

overview

Static

static

fd9f4bc99e...0e.exe

windows7_x64

fd9f4bc99e...0e.exe

windows10-2004_x64

Sharing

General

Target

fd9f4bc99e7a969551c859d3da5dfd6c4151a20c9663619a4b14be7958c34e0e
Size

17KB
Sample

220520-enlyfsbhap
MD5

4a1e9090a6a6bc9dda8706d35e5ef027
SHA1

8f8a66cb388f0ed59c46c3bc23c95c6724b8c2be
SHA256

fd9f4bc99e7a969551c859d3da5dfd6c4151a20c9663619a4b14be7958c34e0e
SHA512

961e334b79d36a781f732f6e4116d84b99d7fb2063e94bd901d42a092d664141e59ff4d7cade49d848ee16cd5be8bba3e849c9a12b8c24469e5a7aa264cfd33a

Score

10^/10

revengerat guest stealer trojan

Static task

static1

stealer guest revengerat

Behavioral task

behavioral1

Sample

fd9f4bc99e7a969551c859d3da5dfd6c4151a20c9663619a4b14be7958c34e0e.exe

Resource

win7-20220414-en

revengerat guest stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

fd9f4bc99e7a969551c859d3da5dfd6c4151a20c9663619a4b14be7958c34e0e.exe

Resource

win10v2004-20220414-en

revengerat guest stealer trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

revengerat

Botnet

Guest

C2

0.tcp.ngrok.io:17455

Mutex

RV_MUTEX-iYAoBLOacwYd

Targets

- Target
  
  fd9f4bc99e7a969551c859d3da5dfd6c4151a20c9663619a4b14be7958c34e0e
- Size
  
  17KB
- MD5
  
  4a1e9090a6a6bc9dda8706d35e5ef027
- SHA1
  
  8f8a66cb388f0ed59c46c3bc23c95c6724b8c2be
- SHA256
  
  fd9f4bc99e7a969551c859d3da5dfd6c4151a20c9663619a4b14be7958c34e0e
- SHA512
  
  961e334b79d36a781f732f6e4116d84b99d7fb2063e94bd901d42a092d664141e59ff4d7cade49d848ee16cd5be8bba3e849c9a12b8c24469e5a7aa264cfd33a
Score

10^/10

revengerat guest stealer trojan
- RevengeRAT
  Remote-access trojan with a wide range of capabilities.
  trojan revengerat
- RevengeRat Executable
  stealer
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

stealerguestrevengerat

behavioral1

revengeratgueststealertrojan

behavioral2

revengeratgueststealertrojan

© 2018-2024

Terms | Privacy