revengerat | 741e8c52db85376d5443147e247ee42141cf6920ec197ac71d7e43eee60bd9ec | Triage

Sharing

General

Target

741e8c52db85376d5443147e247ee42141cf6920ec197ac71d7e43eee60bd9ec
Size

138KB
Sample

220625-b9dx7ahedr
MD5

924b5216f581858cf223149da2273e0a
SHA1

05c859484e219e339a7b982725177aa44027c9a6
SHA256

741e8c52db85376d5443147e247ee42141cf6920ec197ac71d7e43eee60bd9ec
SHA512

6a568362cf6b1fe7ec48ca5f27f1c9ace682f1755e5c6f06228efd907628bb1daf5e6b431adf77d990d68aa97f44c11ce45af74ce85198bdb1249d03999ae979

Score

10^/10

revengerat limebuilder stealer trojan

Malware Config

Extracted

Family

revengerat

Botnet

LimeBuilder

C2

nocbaba1.duckdns.org:81

Mutex

RV_MUTEX-FZMONFueOciq

Targets

- Target
  
  741e8c52db85376d5443147e247ee42141cf6920ec197ac71d7e43eee60bd9ec
- Size
  
  138KB
- MD5
  
  924b5216f581858cf223149da2273e0a
- SHA1
  
  05c859484e219e339a7b982725177aa44027c9a6
- SHA256
  
  741e8c52db85376d5443147e247ee42141cf6920ec197ac71d7e43eee60bd9ec
- SHA512
  
  6a568362cf6b1fe7ec48ca5f27f1c9ace682f1755e5c6f06228efd907628bb1daf5e6b431adf77d990d68aa97f44c11ce45af74ce85198bdb1249d03999ae979
Score

10^/10

revengerat limebuilder stealer trojan
- RevengeRAT
  Remote-access trojan with a wide range of capabilities.
  trojan revengerat
- RevengeRat Executable
  stealer
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

revengeratlimebuilderstealertrojan

behavioral2