Overview

overview

10

Static

static

7ab025aa1f...ea.ps1

windows7_x64

1

7ab025aa1f...ea.ps1

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7ab025aa1f53605e0e33299dbe89cceea79144ab98ff9a39a54c9ddab53a9eea

  • Size

    51KB

  • Sample

    220523-rq6f4ahdem

  • MD5

    65779649108e379f6e5bbef6feb174aa

  • SHA1

    5d0dc1f6a1b4393a88b0dfe54296b6ae2e803af2

  • SHA256

    7ab025aa1f53605e0e33299dbe89cceea79144ab98ff9a39a54c9ddab53a9eea

  • SHA512

    080e4f06d71c9fa446b7d34750d5510609b348a6b4d1b3f1b0d85d95fff0304cbf7a5d929e838d5eaf3e9e1217ba28acb1de46750263fb3189b43df577f3543e

Score
10/10
revengeratclienttrojan

Malware Config

Extracted

Family

revengerat

Botnet

Client

C2

n0ahark2021.ddns.net:5205

Mutex

VV5TAZZF27L8PCZ

Targets

    • Target

      7ab025aa1f53605e0e33299dbe89cceea79144ab98ff9a39a54c9ddab53a9eea

    • Size

      51KB

    • MD5

      65779649108e379f6e5bbef6feb174aa

    • SHA1

      5d0dc1f6a1b4393a88b0dfe54296b6ae2e803af2

    • SHA256

      7ab025aa1f53605e0e33299dbe89cceea79144ab98ff9a39a54c9ddab53a9eea

    • SHA512

      080e4f06d71c9fa446b7d34750d5510609b348a6b4d1b3f1b0d85d95fff0304cbf7a5d929e838d5eaf3e9e1217ba28acb1de46750263fb3189b43df577f3543e

    Score
    10/10
    revengeratclienttrojan

    • RevengeRAT

      Remote-access trojan with a wide range of capabilities.

      trojanrevengerat

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks