revengerat | 5ee9ba4151a71fba2b5087c16befe97e779ca5cd72e79cc394031a07814d377d | Triage

Sharing

General

Target

5ee9ba4151a71fba2b5087c16befe97e779ca5cd72e79cc394031a07814d377d
Size

17KB
Sample

220731-xhdc8sbhe7
MD5

b10508bc30db2fd82c33ac305f58c79a
SHA1

47bd2d8852a688b0c849baba210518f69b6dcfd2
SHA256

5ee9ba4151a71fba2b5087c16befe97e779ca5cd72e79cc394031a07814d377d
SHA512

7b3f7f2594925b7c81a75f7737c7475c7e471058c81cfa9b8ac992230256859e2e849fe169a7dcf5ea24e4f3c97b815f97587a626ec748ee2f852da5e33a4ea4

Score

10^/10

revengerat guest persistence stealer

Malware Config

Extracted

Family

revengerat

Botnet

Guest

C2

mookdla.myq-see.com:2040

127.0.0.1:2040

Mutex

RV_MUTEX-DxjEexVoqqNL

Targets

- Target
  
  5ee9ba4151a71fba2b5087c16befe97e779ca5cd72e79cc394031a07814d377d
- Size
  
  17KB
- MD5
  
  b10508bc30db2fd82c33ac305f58c79a
- SHA1
  
  47bd2d8852a688b0c849baba210518f69b6dcfd2
- SHA256
  
  5ee9ba4151a71fba2b5087c16befe97e779ca5cd72e79cc394031a07814d377d
- SHA512
  
  7b3f7f2594925b7c81a75f7737c7475c7e471058c81cfa9b8ac992230256859e2e849fe169a7dcf5ea24e4f3c97b815f97587a626ec748ee2f852da5e33a4ea4
Score

6^/10

persistence
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

stealerguestrevengerat

behavioral1

behavioral2