revengerat | 5dadcff70276a8aa347136f8df0bd2fbd3342470ba4ef38da696b4426b91b7c6 | Triage

Submit
Reports

Overview

overview

Static

static

5dadcff702...c6.exe

windows7-x64

5dadcff702...c6.exe

windows10-2004-x64

Sharing

General

Target

5dadcff70276a8aa347136f8df0bd2fbd3342470ba4ef38da696b4426b91b7c6
Size

1.1MB
Sample

220731-2nxraabec2
MD5

90db2df33725d3ee85ccc9f2c241e3c3
SHA1

7efae20c555d7b92255a90097f876183f9a0ac3b
SHA256

5dadcff70276a8aa347136f8df0bd2fbd3342470ba4ef38da696b4426b91b7c6
SHA512

8ff581a8b090ee451b5bcad3bf97535abffd92e56c85a48d93a2a356ede94f210c2516161d02a123c4a541fdf4920e77fb51aa2601efe81d4e6771ac1c918c74

Score

10^/10

revengerat guest persistence stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

5dadcff70276a8aa347136f8df0bd2fbd3342470ba4ef38da696b4426b91b7c6.exe

Resource

win7-20220715-en

revengerat guest persistence stealer trojan

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

5dadcff70276a8aa347136f8df0bd2fbd3342470ba4ef38da696b4426b91b7c6.exe

Resource

win10v2004-20220721-en

revengerat guest persistence stealer trojan

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Extracted

Family

revengerat

Botnet

Guest

C2

127.0.0.1:333

Mutex

RV_MUTEX

Targets

- Target
  
  5dadcff70276a8aa347136f8df0bd2fbd3342470ba4ef38da696b4426b91b7c6
- Size
  
  1.1MB
- MD5
  
  90db2df33725d3ee85ccc9f2c241e3c3
- SHA1
  
  7efae20c555d7b92255a90097f876183f9a0ac3b
- SHA256
  
  5dadcff70276a8aa347136f8df0bd2fbd3342470ba4ef38da696b4426b91b7c6
- SHA512
  
  8ff581a8b090ee451b5bcad3bf97535abffd92e56c85a48d93a2a356ede94f210c2516161d02a123c4a541fdf4920e77fb51aa2601efe81d4e6771ac1c918c74
Score

10^/10

revengerat guest persistence stealer trojan
- RevengeRAT
  Remote-access trojan with a wide range of capabilities.
  trojan revengerat
- RevengeRat Executable
  stealer
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

revengeratguestpersistencestealertrojan

behavioral2

revengeratguestpersistencestealertrojan

© 2018-2024

Terms | Privacy