revengerat | fff181b9a2ba6244e9509682573d004071f06825637a0c46bf50f3dad73b1fa4 | Triage

Submit
Reports

Overview

overview

Static

static

56436.exe

windows7-x64

Resubmissions

03-06-2023 11:19

230603-ne3dhsge65 10

03-06-2023 11:03

230603-m5sfkage45 10

Sharing

General

Target

56436.exe
Size

17KB
Sample

230603-m5sfkage45
MD5

c809335d893e45403a4b3a2f057912d4
SHA1

e98ccab279d633a8ab0e66ad7812fb4d5a656dba
SHA256

fff181b9a2ba6244e9509682573d004071f06825637a0c46bf50f3dad73b1fa4
SHA512

5f67a1088350510ba24a2688a6d486d7a61e983dc84475918e54da08ecd1cc7eddbccd6b51bc94593d756703e3e8b1edbcefe1312a2bc06416502a0fed657d14
SSDEEP

384:9GDRfRdKatRiWfu+/oEIPJvnbisVKi6yrLu2s2:9GF5dKat32+IRmua2

Score

10^/10

revengerat guest stealer trojan

Static task

static1

stealer guest revengerat

3 signatures

Behavioral task

behavioral1

Sample

56436.exe

Resource

win7-20230220-en

revengerat guest stealer trojan

windows7-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

revengerat

Botnet

Guest

C2

structure-processor.at.ply.gg:45659

Mutex

RV_MUTEX

Targets

- Target
  
  56436.exe
- Size
  
  17KB
- MD5
  
  c809335d893e45403a4b3a2f057912d4
- SHA1
  
  e98ccab279d633a8ab0e66ad7812fb4d5a656dba
- SHA256
  
  fff181b9a2ba6244e9509682573d004071f06825637a0c46bf50f3dad73b1fa4
- SHA512
  
  5f67a1088350510ba24a2688a6d486d7a61e983dc84475918e54da08ecd1cc7eddbccd6b51bc94593d756703e3e8b1edbcefe1312a2bc06416502a0fed657d14
- SSDEEP
  
  384:9GDRfRdKatRiWfu+/oEIPJvnbisVKi6yrLu2s2:9GF5dKat32+IRmua2
Score

10^/10

revengerat guest stealer trojan
- RevengeRAT
  Remote-access trojan with a wide range of capabilities.
  trojan revengerat
- RevengeRat Executable
  stealer
- Executes dropped EXE
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

stealerguestrevengerat

behavioral1

revengeratgueststealertrojan

© 2018-2024

Terms | Privacy