General

  • Target

    b2qE.exe

  • Size

    17KB

  • Sample

    220717-t7m27adhh9

  • MD5

    3efae209d698fc477f958bd0f9d0a9d3

  • SHA1

    466a722b0a262abb4f6fb08132814573cd5cdab5

  • SHA256

    dd203194d0ea8460ac3173e861737a77fa684e5334503867e91a70acc7f73195

  • SHA512

    c28bcabffb4b88c7e0f4e7a5a8da75abd8294f68ed04f67f47928608dbd9050e54591ea9f97a5a94f4076a9373792978dc09b6b10092d0d3a2093df11b612b4f

Malware Config

Extracted

Family

revengerat

Botnet

Airport

C2

69.87.219.76:4040

Mutex

RV_MUTEX
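
The extracted configuration above is the actionable part of this report: the C2 endpoint is what a network sensor can match on, and the mutex is what a host-based check can look for. The following is an added Python example (not part of the report and not the sandbox's own tooling) that parses the "Malware Config" block in the layout this page uses, validates the C2 as a literal IP:port, scans a few constructed firewall log lines (invented for the demo, not from the report) for connections to that C2, and renders a Suricata rule for it. The log format and the `any_port` option are assumptions made for illustration.

```python
import re
import ipaddress
from dataclasses import dataclass

# Extracted-config block copied verbatim from this report, used as parser input.
REPORT_CONFIG = """\
Malware Config

Extracted

Family

revengerat

Botnet

Airport

C2

69.87.219.76:4040

Mutex

RV_MUTEX
"""

LABELS = ("Family", "Botnet", "C2", "Mutex")


@dataclass(frozen=True)
class RatConfig:
    family: str
    botnet: str
    c2_host: str
    c2_port: int
    mutex: str


def parse_config(text: str) -> RatConfig:
    """Parse the label/value pairs of the 'Malware Config' section.

    The report lays each field out as a label line followed by a value line,
    separated by blank lines, so drop blanks and consume label+value pairs.
    Walking by index (rather than zipping neighbours) keeps a value that happens
    to equal a label word, e.g. a botnet named "C2", from being misread as a label.
    """
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    fields = {}
    i = 0
    while i < len(lines) - 1:
        if lines[i] in LABELS:
            fields[lines[i]] = lines[i + 1]
            i += 2
        else:
            i += 1
    host, _, port = fields["C2"].rpartition(":")
    ipaddress.ip_address(host)  # raises ValueError if the C2 is a hostname, not an IP
    return RatConfig(fields["Family"].lower(), fields["Botnet"],
                     host, int(port), fields["Mutex"])


# Constructed sample firewall log lines (assumed format, not taken from the report).
SAMPLE_LOGS = [
    "2022-07-17T14:02:11Z src=10.0.5.23:51234 dst=69.87.219.76:4040 proto=tcp action=allow",
    "2022-07-17T14:02:13Z src=10.0.5.23:51240 dst=142.250.74.78:443 proto=tcp action=allow",
    "2022-07-17T14:03:01Z src=10.0.5.40:49870 dst=69.87.219.76:80 proto=tcp action=allow",
    "2022-07-17T14:05:45Z src=10.0.7.9:60001 dst=69.87.219.76:4040 proto=tcp action=deny",
]

LOG_RE = re.compile(r"src=(?P<src>[\d.]+):\d+ dst=(?P<dst>[\d.]+):(?P<dport>\d+)")


def find_c2_hits(cfg: RatConfig, logs, any_port: bool = False):
    """Return (source_ip, log_line) for each connection to the configured C2.

    any_port=False matches only the exact host:port from the config. any_port=True
    also flags other ports on the same host, which catches port rotation by the
    operator but is noisy when the IP is shared hosting.
    """
    hits = []
    for line in logs:
        m = LOG_RE.search(line)
        if not m:
            continue
        if m["dst"] == cfg.c2_host and (any_port or int(m["dport"]) == cfg.c2_port):
            hits.append((m["src"], line))
    return hits


def suricata_rule(cfg: RatConfig, sid: int) -> str:
    """Render a Suricata rule alerting on any outbound TCP flow to the C2 host:port."""
    return (f'alert tcp $HOME_NET any -> {cfg.c2_host} {cfg.c2_port} '
            f'(msg:"{cfg.family} C2 ({cfg.botnet}) beacon"; flow:to_server; '
            f'sid:{sid}; rev:1;)')


if __name__ == "__main__":
    cfg = parse_config(REPORT_CONFIG)
    print(cfg)
    for src, line in find_c2_hits(cfg, SAMPLE_LOGS):
        print("C2 contact from", src, "->", line)
    print(suricata_rule(cfg, 9000001))
```

A denied connection (the last sample line) is still reported: a blocked beacon means an infected host, not a non-event. Match the mutex name with a host-side check, since a mutex cannot be seen on the wire.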

Targets

    • Target

      b2qE.exe

    • RevengeRAT

      Remote-access trojan with a wide range of capabilities.

    • RevengeRat Executable

    • Drops startup file

MITRE ATT&CK Matrix (ATT&CK v6)

Discovery

    • System Information Discovery (T1082)

Tasks