revengerat | 65d6f9753c33e994c63595226ef407ac71ea703bf7cf52eb36ba502b5fa9f153 | Triage

Sharing

General

Target

65d6f9753c33e994c63595226ef407ac71ea703bf7cf52eb36ba502b5fa9f153
Size

30KB
Sample

220602-q5rqtagcb9
MD5

0f4cb16b0393fb6ec6bdd8a59f7b5e0e
SHA1

a9f39815612f34ac43667b82d379340d91db0318
SHA256

65d6f9753c33e994c63595226ef407ac71ea703bf7cf52eb36ba502b5fa9f153
SHA512

cb6f73fb1180a878cbd426c9d56763418a01637aaa01f5710ad4cf2d73f84fe1f6f20fe4ce69f4f022de03479b02da1c30ddfec8e47cb7144ca3d23f21258d02

Score

10^/10

revengerat nyancatrevenge trojan

Malware Config

Extracted

Family

revengerat

Botnet

NyanCatRevenge

C2

alice2019.myftp.biz:5050

Mutex

35dd546fe60c401

Targets

- Target
  
  65d6f9753c33e994c63595226ef407ac71ea703bf7cf52eb36ba502b5fa9f153
- Size
  
  30KB
- MD5
  
  0f4cb16b0393fb6ec6bdd8a59f7b5e0e
- SHA1
  
  a9f39815612f34ac43667b82d379340d91db0318
- SHA256
  
  65d6f9753c33e994c63595226ef407ac71ea703bf7cf52eb36ba502b5fa9f153
- SHA512
  
  cb6f73fb1180a878cbd426c9d56763418a01637aaa01f5710ad4cf2d73f84fe1f6f20fe4ce69f4f022de03479b02da1c30ddfec8e47cb7144ca3d23f21258d02
Score

10^/10

revengerat nyancatrevenge trojan
- RevengeRAT
  Remote-access trojan with a wide range of capabilities.
  trojan revengerat
- Drops startup file
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

revengeratnyancatrevengetrojan