revengerat | dd203194d0ea8460ac3173e861737a77fa684e5334503867e91a70acc7f73195 | Triage

Submit
Reports

Overview

overview

Static

static

b2qE.exe

windows7-x64

b2qE.exe

windows10-2004-x64

7

Sharing

General

Target

b2qE.exe
Size

17KB
Sample

220717-t7m27adhh9
MD5

3efae209d698fc477f958bd0f9d0a9d3
SHA1

466a722b0a262abb4f6fb08132814573cd5cdab5
SHA256

dd203194d0ea8460ac3173e861737a77fa684e5334503867e91a70acc7f73195
SHA512

c28bcabffb4b88c7e0f4e7a5a8da75abd8294f68ed04f67f47928608dbd9050e54591ea9f97a5a94f4076a9373792978dc09b6b10092d0d3a2093df11b612b4f

Score

10^/10

revengerat airport stealer trojan

Static task

static1

stealer airport revengerat

2 signatures

Behavioral task

behavioral1

Sample

b2qE.exe

Resource

win7-20220715-en

revengerat airport stealer trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

b2qE.exe

Resource

win10v2004-20220414-en

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

revengerat

Botnet

Airport

C2

69.87.219.76:4040

Mutex

RV_MUTEX

Targets

- Target
  
  b2qE.exe
- Size
  
  17KB
- MD5
  
  3efae209d698fc477f958bd0f9d0a9d3
- SHA1
  
  466a722b0a262abb4f6fb08132814573cd5cdab5
- SHA256
  
  dd203194d0ea8460ac3173e861737a77fa684e5334503867e91a70acc7f73195
- SHA512
  
  c28bcabffb4b88c7e0f4e7a5a8da75abd8294f68ed04f67f47928608dbd9050e54591ea9f97a5a94f4076a9373792978dc09b6b10092d0d3a2093df11b612b4f
Score

10^/10

revengerat airport stealer trojan
- RevengeRAT
  Remote-access trojan with a wide range of capabilities.
  trojan revengerat
- RevengeRat Executable
  stealer
- Drops startup file
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

stealerairportrevengerat

behavioral1

revengeratairportstealertrojan

behavioral2

© 2018-2024

Terms | Privacy