revengerat | 2fe97c1cb597d1812cfefe11ce2327da3d18e3cc16bacf38512db1cbd53570d5 | Triage

Submit
Reports

Overview

overview

Static

static

1

00026391087.ppam

windows7-x64

00026391087.ppam

windows10-2004-x64

Sharing

General

Target

00026391087.ppam
Size

19KB
Sample

230512-hfrqhsed3s
MD5

f2c6f5b43d73d91bb9eb0de2812ff7cb
SHA1

d4dbf0af4bfbd0f6ce0aadb9dcbbc30cebf36aad
SHA256

2fe97c1cb597d1812cfefe11ce2327da3d18e3cc16bacf38512db1cbd53570d5
SHA512

bd2abddb6f66c5f104925d48d6499ed336e52b43829ee42595f00382c69dccb4398822c8df565c31a44ea9fe12dc4fc31c953652a4698bdf6fbfa96df304a82a
SSDEEP

384:dXPWGaYOMHEG4upmXuB44OPJ8GfkXjedXRMx+CI/tQiZlyszuCqo9NRrccG:VPWGNO7kpme64C21Xjc2xXI/XTys6ARk

Score

10^/10

revengerat nyancatrevenge trojan

Static task

static1

Behavioral task

behavioral1

Sample

00026391087.ppam

Resource

win7-20230220-en

revengerat nyancatrevenge trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

00026391087.ppam

Resource

win10v2004-20230220-en

revengerat nyancatrevenge trojan

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Extracted

Family

revengerat

Botnet

NyanCatRevenge

C2

m7.ddns.com.br:5222

Mutex

30c2ac3031a0

Targets

- Target
  
  00026391087.ppam
- Size
  
  19KB
- MD5
  
  f2c6f5b43d73d91bb9eb0de2812ff7cb
- SHA1
  
  d4dbf0af4bfbd0f6ce0aadb9dcbbc30cebf36aad
- SHA256
  
  2fe97c1cb597d1812cfefe11ce2327da3d18e3cc16bacf38512db1cbd53570d5
- SHA512
  
  bd2abddb6f66c5f104925d48d6499ed336e52b43829ee42595f00382c69dccb4398822c8df565c31a44ea9fe12dc4fc31c953652a4698bdf6fbfa96df304a82a
- SSDEEP
  
  384:dXPWGaYOMHEG4upmXuB44OPJ8GfkXjedXRMx+CI/tQiZlyszuCqo9NRrccG:VPWGNO7kpme64C21Xjc2xXI/XTys6ARk
Score

10^/10

revengerat nyancatrevenge trojan
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- RevengeRAT
  Remote-access trojan with a wide range of capabilities.
  trojan revengerat
- Blocklisted process makes network request
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

revengeratnyancatrevengetrojan

behavioral2

revengeratnyancatrevengetrojan

© 2018-2024

Terms | Privacy