revengerat | 35bf683f6d7cde1df919c3a5e3e23f9c972e051e31f491c6bf87d19ec30de9f5 | Triage

Submit
Reports

Overview

overview

Static

static

35bf683f6d...f5.exe

windows7_x64

35bf683f6d...f5.exe

windows10-2004_x64

Sharing

General

Target

35bf683f6d7cde1df919c3a5e3e23f9c972e051e31f491c6bf87d19ec30de9f5
Size

17KB
Sample

220524-2wyzbaahc6
MD5

cbebcbc400c95f9e0902c71000a79eec
SHA1

9a190e9e398fa7cdf34a8c251f656a671e6ace31
SHA256

35bf683f6d7cde1df919c3a5e3e23f9c972e051e31f491c6bf87d19ec30de9f5
SHA512

1effe5d3a55742f070aade5a5038b36517f0de72ce15cdfa9fff0f8ec5f8505fd44860d49becbe8c75b4752adf12a88e50eaac306e9f57c9a7f39d6b0b53716e

Score

10^/10

revengerat guest stealer trojan

Static task

static1

stealer guest revengerat

Behavioral task

behavioral1

Sample

35bf683f6d7cde1df919c3a5e3e23f9c972e051e31f491c6bf87d19ec30de9f5.exe

Resource

win7-20220414-en

revengerat guest stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

35bf683f6d7cde1df919c3a5e3e23f9c972e051e31f491c6bf87d19ec30de9f5.exe

Resource

win10v2004-20220414-en

revengerat guest stealer trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

revengerat

Botnet

Guest

C2

0.tcp.ngrok.io:17455

Mutex

RV_MUTEX-bWSTUKIWwiej

Targets

- Target
  
  35bf683f6d7cde1df919c3a5e3e23f9c972e051e31f491c6bf87d19ec30de9f5
- Size
  
  17KB
- MD5
  
  cbebcbc400c95f9e0902c71000a79eec
- SHA1
  
  9a190e9e398fa7cdf34a8c251f656a671e6ace31
- SHA256
  
  35bf683f6d7cde1df919c3a5e3e23f9c972e051e31f491c6bf87d19ec30de9f5
- SHA512
  
  1effe5d3a55742f070aade5a5038b36517f0de72ce15cdfa9fff0f8ec5f8505fd44860d49becbe8c75b4752adf12a88e50eaac306e9f57c9a7f39d6b0b53716e
Score

10^/10

revengerat guest stealer trojan
- RevengeRAT
  Remote-access trojan with a wide range of capabilities.
  trojan revengerat
- RevengeRat Executable
  stealer
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

stealerguestrevengerat

behavioral1

revengeratgueststealertrojan

behavioral2

revengeratgueststealertrojan

© 2018-2024

Terms | Privacy