revengerat | 308eb7c2fd6238b8194d33348051db21de2e93cda17aee8fcefe1ada21ef0849 | Triage

Submit
Reports

Overview

overview

Static

static

308eb7c2fd...49.exe

windows7_x64

308eb7c2fd...49.exe

windows10-2004_x64

Sharing

General

Target

308eb7c2fd6238b8194d33348051db21de2e93cda17aee8fcefe1ada21ef0849
Size

59KB
Sample

220621-dw4b2aacbn
MD5

574684c7708d5026e2cc84df0bf873f7
SHA1

3f2332101004dae325affce9f3867a34ac03a82a
SHA256

308eb7c2fd6238b8194d33348051db21de2e93cda17aee8fcefe1ada21ef0849
SHA512

beec7b8759df71d4adcf9c134a2374cc91d1ca35f84e5345d94899ca05570daeb63270f3d8f8012f06e654ee317cb626a3f26af5ac71d8dec6bc87e7b467380b

Score

10^/10

revengerat persistence stealer trojan

Static task

static1

stealer revengerat

Behavioral task

behavioral1

Sample

308eb7c2fd6238b8194d33348051db21de2e93cda17aee8fcefe1ada21ef0849.exe

Resource

win7-20220414-en

revengerat persistence stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

308eb7c2fd6238b8194d33348051db21de2e93cda17aee8fcefe1ada21ef0849.exe

Resource

win10v2004-20220414-en

revengerat stealer trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  308eb7c2fd6238b8194d33348051db21de2e93cda17aee8fcefe1ada21ef0849
- Size
  
  59KB
- MD5
  
  574684c7708d5026e2cc84df0bf873f7
- SHA1
  
  3f2332101004dae325affce9f3867a34ac03a82a
- SHA256
  
  308eb7c2fd6238b8194d33348051db21de2e93cda17aee8fcefe1ada21ef0849
- SHA512
  
  beec7b8759df71d4adcf9c134a2374cc91d1ca35f84e5345d94899ca05570daeb63270f3d8f8012f06e654ee317cb626a3f26af5ac71d8dec6bc87e7b467380b
Score

10^/10

revengerat persistence stealer trojan
- RevengeRAT
  Remote-access trojan with a wide range of capabilities.
  trojan revengerat
- RevengeRat Executable
  stealer
- Executes dropped EXE
- Drops startup file
- Loads dropped DLL
- Uses the VBS compiler for execution
- Adds Run key to start application
  persistence
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scripting

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Scripting

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

stealerrevengerat

behavioral1

revengeratpersistencestealertrojan

behavioral2

revengeratstealertrojan

© 2018-2024

Terms | Privacy