revengerat | 38ce94566b232068f27ce65238f76af556b99bbf777510849814ab78845202e1 | Triage

Submit
Reports

Overview

overview

Static

static

38ce94566b...e1.exe

windows7_x64

38ce94566b...e1.exe

windows10-2004_x64

8

Sharing

General

Target

38ce94566b232068f27ce65238f76af556b99bbf777510849814ab78845202e1
Size

221KB
Sample

220625-xh1tjaabe4
MD5

0000f2fe7835220b78e0861aa65a851b
SHA1

0f84700c4c0d10aa43cc8f11e6bd4a56b16e9b71
SHA256

38ce94566b232068f27ce65238f76af556b99bbf777510849814ab78845202e1
SHA512

13781ef4997f742e5de33ac8c094eff1b7efa0dd93e72f2a8f951f27aa3d3445cdd5c87a49c77671b3bd211355650e92d5d1784c1fbfaea877f7e80fe13ea16b

Score

10^/10

revengerat persistence stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

38ce94566b232068f27ce65238f76af556b99bbf777510849814ab78845202e1.exe

Resource

win7-20220414-en

revengerat persistence stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

38ce94566b232068f27ce65238f76af556b99bbf777510849814ab78845202e1.exe

Resource

win10v2004-20220414-en

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  38ce94566b232068f27ce65238f76af556b99bbf777510849814ab78845202e1
- Size
  
  221KB
- MD5
  
  0000f2fe7835220b78e0861aa65a851b
- SHA1
  
  0f84700c4c0d10aa43cc8f11e6bd4a56b16e9b71
- SHA256
  
  38ce94566b232068f27ce65238f76af556b99bbf777510849814ab78845202e1
- SHA512
  
  13781ef4997f742e5de33ac8c094eff1b7efa0dd93e72f2a8f951f27aa3d3445cdd5c87a49c77671b3bd211355650e92d5d1784c1fbfaea877f7e80fe13ea16b
Score

10^/10

revengerat persistence stealer trojan
- RevengeRAT
  Remote-access trojan with a wide range of capabilities.
  trojan revengerat
- RevengeRat Executable
  stealer
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

revengeratpersistencestealertrojan

behavioral2

© 2018-2024

Terms | Privacy