revengerat | b1313253704746db20556908eea196d8f909f7332a3ff934c57e7385facc2a9a | Triage

Sharing

General

Target

b1313253704746db20556908eea196d8f909f7332a3ff934c57e7385facc2a9a
Size

30KB
Sample

220602-q5wprsbggl
MD5

9c0e668b4ffffb0b2b9348cc0fd100d7
SHA1

6b1f8046633b3d4bca139d5601005a1a7b01aa99
SHA256

b1313253704746db20556908eea196d8f909f7332a3ff934c57e7385facc2a9a
SHA512

c3cfec27f0afd66ffa196679a2d5edd55b81c74dc854f707df188a00f9c8dce31df67843119f957c7788a099708f51c915e918a47ac567b3fc24d5da1d33b14b

Score

10^/10

revengerat nyancatrevenge trojan

Malware Config

Extracted

Family

revengerat

Botnet

NyanCatRevenge

C2

alice2019.myftp.biz:5050

Mutex

35dd546fe60c401

Targets

- Target
  
  b1313253704746db20556908eea196d8f909f7332a3ff934c57e7385facc2a9a
- Size
  
  30KB
- MD5
  
  9c0e668b4ffffb0b2b9348cc0fd100d7
- SHA1
  
  6b1f8046633b3d4bca139d5601005a1a7b01aa99
- SHA256
  
  b1313253704746db20556908eea196d8f909f7332a3ff934c57e7385facc2a9a
- SHA512
  
  c3cfec27f0afd66ffa196679a2d5edd55b81c74dc854f707df188a00f9c8dce31df67843119f957c7788a099708f51c915e918a47ac567b3fc24d5da1d33b14b
Score

10^/10

revengerat nyancatrevenge trojan
- RevengeRAT
  Remote-access trojan with a wide range of capabilities.
  trojan revengerat
- Drops startup file
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

revengeratnyancatrevengetrojan