revengerat | 94151f693fab777c75599728098c54d63aa1e9fb646aabe0d2c0e7270dfc56f7 | Triage

Submit
Reports

Overview

overview

Static

static

0x00070000...55.exe

windows7-x64

0x00070000...55.exe

windows10-2004-x64

Sharing

General

Target

0x0007000000005c50-55.dat
Size

63KB
Sample

220906-qqe4gadef3
MD5

6b5c0e29662a332947386b371a337a52
SHA1

c7bc42ad31263077e59dc8cd85aadd3731c69a77
SHA256

94151f693fab777c75599728098c54d63aa1e9fb646aabe0d2c0e7270dfc56f7
SHA512

9beae50ab693a5b525d44fab5e64d6dc86a20ee4d59c32b3470d5bab804151d1af4578e19ee310d4b41ec500909d541a910e316859abc62d5fa29e79e829ff82
SSDEEP

1536:75DLR+zhAoV7xwd2/GnV+AINrS4dWYB7EdlU+:75XRUAoVFwkIV35QWYBkU+

Score

10^/10

revengerat guest stealer trojan

Static task

static1

stealer guest revengerat

2 signatures

Behavioral task

behavioral1

Sample

0x0007000000005c50-55.exe

Resource

win7-20220812-en

revengerat guest stealer trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

0x0007000000005c50-55.exe

Resource

win10v2004-20220812-en

revengerat guest stealer trojan

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Extracted

Family

revengerat

Botnet

Guest

C2

194.5.179.83:4040

127.0.0.1:4040

Mutex

RV_MUTEX

Targets

- Target
  
  0x0007000000005c50-55.dat
- Size
  
  63KB
- MD5
  
  6b5c0e29662a332947386b371a337a52
- SHA1
  
  c7bc42ad31263077e59dc8cd85aadd3731c69a77
- SHA256
  
  94151f693fab777c75599728098c54d63aa1e9fb646aabe0d2c0e7270dfc56f7
- SHA512
  
  9beae50ab693a5b525d44fab5e64d6dc86a20ee4d59c32b3470d5bab804151d1af4578e19ee310d4b41ec500909d541a910e316859abc62d5fa29e79e829ff82
- SSDEEP
  
  1536:75DLR+zhAoV7xwd2/GnV+AINrS4dWYB7EdlU+:75XRUAoVFwkIV35QWYBkU+
Score

10^/10

revengerat guest stealer trojan
- RevengeRAT
  Remote-access trojan with a wide range of capabilities.
  trojan revengerat
- RevengeRat Executable
  stealer
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

stealerguestrevengerat

behavioral1

revengeratgueststealertrojan

behavioral2

revengeratgueststealertrojan

© 2018-2024

Terms | Privacy