revengerat | 3b85020323e7b11ba66d785eaf5fa7e3cf3e21791f6b97e6abef4f579266fa3d | Triage

Submit
Reports

Overview

overview

Static

static

5

3b85020323...3d.exe

windows7-x64

3b85020323...3d.exe

windows10-2004-x64

Sharing

General

Target

3b85020323e7b11ba66d785eaf5fa7e3cf3e21791f6b97e6abef4f579266fa3d
Size

943KB
Sample

220724-sweq1ahagr
MD5

c3d7fac817472717e5ea1f86ac1ff617
SHA1

5a79365fdae5a436e6aea22ff1155734a8ae92f7
SHA256

3b85020323e7b11ba66d785eaf5fa7e3cf3e21791f6b97e6abef4f579266fa3d
SHA512

8d0a0a393b5916c21fcaf84b3751d459682877c3150034a732e91583a327f6039b2dd121e38672016a3dff99629976bc70ea7b2d3f5ecbf566e6e9901a97e656

Score

10^/10

revengerat guest stealer trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

3b85020323e7b11ba66d785eaf5fa7e3cf3e21791f6b97e6abef4f579266fa3d.exe

Resource

win7-20220718-en

revengerat guest stealer trojan

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

3b85020323e7b11ba66d785eaf5fa7e3cf3e21791f6b97e6abef4f579266fa3d.exe

Resource

win10v2004-20220721-en

revengerat guest stealer trojan

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Extracted

Family

revengerat

Botnet

Guest

C2

ournewcompany2.hopto.org:333

Mutex

RV_MUTEX

Targets

- Target
  
  3b85020323e7b11ba66d785eaf5fa7e3cf3e21791f6b97e6abef4f579266fa3d
- Size
  
  943KB
- MD5
  
  c3d7fac817472717e5ea1f86ac1ff617
- SHA1
  
  5a79365fdae5a436e6aea22ff1155734a8ae92f7
- SHA256
  
  3b85020323e7b11ba66d785eaf5fa7e3cf3e21791f6b97e6abef4f579266fa3d
- SHA512
  
  8d0a0a393b5916c21fcaf84b3751d459682877c3150034a732e91583a327f6039b2dd121e38672016a3dff99629976bc70ea7b2d3f5ecbf566e6e9901a97e656
Score

10^/10

revengerat guest stealer trojan
- RevengeRAT
  Remote-access trojan with a wide range of capabilities.
  trojan revengerat
- RevengeRat Executable
  stealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

revengeratgueststealertrojan

behavioral2

revengeratgueststealertrojan

© 2018-2024

Terms | Privacy