revengerat

Sharing

Copy URL

Twitter E-mail

General

Target

Revenge-RAT v0.3.zip
Size

14.4MB
Sample

230626-gpranshf5s
MD5

1a3126dd39360ad9288b4257ca479a05
SHA1

f55e35dc78e9812b085b95d35c2c7c274b41ce8e
SHA256

751ab6c224bfc8714a9f5704dbbf69936864907d73bb26ad62e452d17451cb74
SHA512

dd6fbb7725441cd0639739eefbc3f7cb06b6d40287cd53d05e20da25086e5f3263e40015e90a6c920fdf0f4a9c4ada8f237231ef2a0170d254dcb3e6a4e6e507
SSDEEP

393216:ErrXrrjnSRIerLSVs6uD4FFlW5Z3K+N0ghpkbj24kEM:ErjrXte6wDEl43K+Nrhpkf5K

Score

10^/10

Malware Config

Extracted

Family

revengerat

Botnet

Guest

127.0.0.1:333

Mutex

RV_MUTEX

Targets

- Target
  
  Revenge-RAT v0.3/Revenge-RAT v0.3/Client.exe
- Size
  
  16KB
- MD5
  
  010aabdc4dc52b82d3c6945aaefd22ec
- SHA1
  
  8f50c8e53c7da15308b57b399c22ab7b97333f5a
- SHA256
  
  0b3472c651db8cc9991a92097c22dc4cab8467aff96591f76fb89bc3af8eadaa
- SHA512
  
  609b0a617e4d6a168497b6aa8173b43690f57aefcf48eb3ce06540e7b9cde10b9e741c5d7b9eef936ab3d7857d155189902d0ab7b89784f0b61b74c10196bc0d
- SSDEEP
  
  384:X/5gk7lVzF3smf9oDPlMNcLlb5sVKhyLF5Ct:X/5gk7lVZjclMNEio
Score

10^/10

revengerat guest stealer trojan
- RevengeRAT
  Remote-access trojan with a wide range of capabilities.
  trojan revengerat
- RevengeRat Executable
  stealer
behavioral1
- Target
  
  Revenge-RAT v0.3/Revenge-RAT v0.3/Extensions/AHK/Ahk2Exe.exe
- Size
  
  339KB
- MD5
  
  d717d5943bdca2758360e4fa3b008a49
- SHA1
  
  3066109dbebd2ddd2ce658ca07e88062bc2ff679
- SHA256
  
  e2a00647b5fa56b077d3d07b1c05e3b76b7269e07fc3ea84750eb03ad71024de
- SHA512
  
  3cb028a6ede052842026a278e4cd67682b80cd45945612a07204841e68a09e6fed64de45f984316d6c8de2a44a7d99236339801ae9c4db2f1524f67f659edfeb
- SSDEEP
  
  6144:Pbbs8miuWxBn061wjr36UIU+yoTiKVpwCbC/ry7YOTD03AKDGb9V/:TgrTMn061M36RUOTvpwpNO/0dDGH
Score

1^/10
behavioral2
- Target
  
  Revenge-RAT v0.3/Revenge-RAT v0.3/Extensions/AHK/AutoHotkeySC.bin
- Size
  
  802KB
- MD5
  
  b86564d0eb29a5faab9e8daacf269df4
- SHA1
  
  c5e80905834d48ea1750b2ff4e2fa1b354adb9df
- SHA256
  
  2514235c34d17fdb4a8448bd088d89f631f5d70f12f5f7d5ee552144a345ed2d
- SHA512
  
  6fb1f669290d752d3cc4c96917969e0c958ca1643fff5ccbb8e2a6d5d8b6c011dcc782c5795cde2b0c83b65176e33dfb6cac98ce2a6cfb848888187c5a51955a
- SSDEEP
  
  24576:oNR2zaQBt37/CZ0w1PeWnzqhqCC6+PEy:dUsrC6aE
Score

1^/10
behavioral3
- Target
  
  Revenge-RAT v0.3/Revenge-RAT v0.3/Extensions/AHK/Unicode 32-bit.bin
- Size
  
  802KB
- MD5
  
  b86564d0eb29a5faab9e8daacf269df4
- SHA1
  
  c5e80905834d48ea1750b2ff4e2fa1b354adb9df
- SHA256
  
  2514235c34d17fdb4a8448bd088d89f631f5d70f12f5f7d5ee552144a345ed2d
- SHA512
  
  6fb1f669290d752d3cc4c96917969e0c958ca1643fff5ccbb8e2a6d5d8b6c011dcc782c5795cde2b0c83b65176e33dfb6cac98ce2a6cfb848888187c5a51955a
- SSDEEP
  
  24576:oNR2zaQBt37/CZ0w1PeWnzqhqCC6+PEy:dUsrC6aE
Score

1^/10
behavioral4
- Target
  
  Revenge-RAT v0.3/Revenge-RAT v0.3/Extensions/Aut2Exe/Aut2exe.exe
- Size
  
  1.3MB
- MD5
  
  d28806a3244af288a2e569e36df136c4
- SHA1
  
  373816d4cc8fa8dc5973580aaa8fa9332e089b25
- SHA256
  
  89afe97dd27c3cadb96481dd38a1352bf6b98fa0206dd2d856728a47dc06f3ba
- SHA512
  
  59f5bc741ea2aa06ab4e23bf6b722201239c4fce094445f6a98bc5789abb121fe769747c34c105fa6bf38622c31c0a63802c278e5009859003c37c8190081d1c
- SSDEEP
  
  24576:PmTiPaj09O2jInFqpL6LqQOn6hyXEkImN5zVv3J4bD71Q51q:+4q2jqcpGen6e9zVvZUDZb
Score

1^/10
behavioral5
- Target
  
  Revenge-RAT v0.3/Revenge-RAT v0.3/Extensions/Aut2Exe/Aut2exe_x64.exe
- Size
  
  1.4MB
- MD5
  
  cecb773c5b0e15b8d1c02840fd118f38
- SHA1
  
  217985ad1cdb4845c69c383695cdeb2645153cfd
- SHA256
  
  7261bd93161cfe191e354152d489c3721e41d84a87d6c1af7eaa4dc0c75ab3ff
- SHA512
  
  561e5ddb4aee39cad22fc685c1cd4cce070a88570b521e4dddf392cdab489aa549a6f7957ac222fe1317f985bdcc0b8839e7610b5447418e44a3b3410f9dfe89
- SSDEEP
  
  24576:QuvoBBCnx+6TiPaj09O2jInFqpL6LqQOn6hyXEkImN5zVv3J4bD71Q51a:b4uxt4q2jqcpGen6e9zVvZUDZH
Score

1^/10
behavioral6
- Target
  
  Revenge-RAT v0.3/Revenge-RAT v0.3/Extensions/Aut2Exe/upx.exe
- Size
  
  298KB
- MD5
  
  e9eacbb7ab4b3f66019e0a2f13a1dba9
- SHA1
  
  ae30894b29e52bf04afc4a54795d438fb910acff
- SHA256
  
  0c3dc789d0a46493bd097526b920d913d930d96b1052cb331eec3ac560c89996
- SHA512
  
  925445d20c93c65a282fc59f773551d824bff1f8e2623fd8ea0c587831a9550c400f121defb3d82c8f0401903fa69e3154dc98e29688d02af1d5d01247914a06
- SSDEEP
  
  6144:vZCWmlys014OqpXDXz7yIrozs0WuNd3ojusBdgnNW6r4F53ttuGENGFdVCLEYnPQ:hCWV7q9zGImAjJdcH4j3ttzFdVCLNSf5
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral7
- Target
  
  Revenge-RAT v0.3/Revenge-RAT v0.3/Extensions/GoRC.exe
- Size
  
  54KB
- MD5
  
  d708cdcf904424e5ccfe7583ee1c7567
- SHA1
  
  8e47e3f58b42d400d347686f96fadbeca8f08416
- SHA256
  
  00e5dee46223200a6ec5fe8cb742dfa3dbcab1738233944c7fc8b66fc56e10e1
- SHA512
  
  b6e6fd7266729ce08d7618b1ae5ec231745a188da6c0c8837bfc464c642a36f1603911dd0ccf19f27ca004af2d7c58975f9424472841b165edeab1d0850c311d
- SSDEEP
  
  1536:hur3UYiUysl3B0ycb52RH78PMnwdY09RV:grEGqyqsFUXiY7
Score

1^/10
behavioral8
- Target
  
  Revenge-RAT v0.3/Revenge-RAT v0.3/Extensions/Resource Hacker.exe
- Size
  
  4.1MB
- MD5
  
  c6391727ae405fb9812a8ad2a7729402
- SHA1
  
  83693dc297392c6a28f7f16d23414c6d62921711
- SHA256
  
  d98fbfca17f194400d19111e4813340e6666b254b99f833739b661a4d2d0217c
- SHA512
  
  7a4e2ff93d853415d433f5e90b36959c78b77590aa1fa00753831eb4d01cb1a972bb9e39eb8dee5b216005e7709eacda51c0c410aacfe37fcdb163603fd36570
- SSDEEP
  
  49152:CVQvQX7tXewSaMd3U32VYBZH9p8djP1S2RsT//mQHtbNqS0:CV2QpEBjPpRctHtbNq
Score

1^/10
behavioral9
- Target
  
  Revenge-RAT v0.3/Revenge-RAT v0.3/Extensions/dotNET_Reactor.exe
- Size
  
  5.9MB
- MD5
  
  a7d69d6ddbe2586d698ebdf7f49c1afa
- SHA1
  
  7b87de25c982d0cc42a1dde89790cd34acbcfd2e
- SHA256
  
  79f190a51af8a463f13ddd5a76947cf7ba2adfb8e231b37c5e0968602217a62b
- SHA512
  
  2d4fb34f83d9794c38ec39f12f78b8d7c5af331aea475eaecf589f95c9e1849196a8d5252a7f9beaa596bb34ddc0c94b76a6c9092dc0fb93ec6b0af9fb66226e
- SSDEEP
  
  49152:VXl2PFBegFNFLua2gBxnnim//7rF31inFhyNkLObEECwc0mjZ5tzCo3Eh5pfO+pD:VW5nnim//7uvwCt5tuo32v
Score

7^/10
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral10
- Target
  
  Revenge-RAT v0.3/Revenge-RAT v0.3/Extensions/mpress.exe
- Size
  
  101KB
- MD5
  
  8b632bfc3fe653a510cba277c2d699d1
- SHA1
  
  d6a57aa17e5eb51297def9bac04e574c1e36d9c7
- SHA256
  
  2852680c94a9d68cdab285012d9328a1ceca290db60c9e35155c2bb3e46a41b4
- SHA512
  
  b9ea70ed984d3b4a42eceb9f34f222b722c4c1985b79b368d769fe0fd1f19f037ffebe2cf938aa98ed450337836a7469d911848448d99223995f7fb3a9304587
- SSDEEP
  
  3072:S0+mlNniJkkKcfqBOb65VgB183gUGQ340HpL:SvmlNn4kkeOAVA1rUGh0Hp
Score

1^/10
behavioral11
- Target
  
  Revenge-RAT v0.3/Revenge-RAT v0.3/Plugin Compiler.exe
- Size
  
  534KB
- MD5
  
  fb315d1ae339c9506033026e78500199
- SHA1
  
  97dc5017a8a796750567fcd7b5bfb4be2233a5ae
- SHA256
  
  2f4fd04bbf02ef75845bfb287e5abc4fb7ae9a81776142b573eadadbf28fbe81
- SHA512
  
  895fc9f3c10bcab8c30fd7773820130b7d8d7e2145226052fedbb210b564db39e9078666762836235a8c6c40c49a3bb2b41f49f7753c97c2f09370a0327e154c
- SSDEEP
  
  3072:L+xuB9c7YdbMKsPcomyThhKq1+oXL8/xeAdLdZPn9Cc:Sxu7c7YdbMKsPcomyThwq1+w1Yn/9
Score

1^/10
behavioral12
- Target
  
  Revenge-RAT v0.3/Revenge-RAT v0.3/Revenge-RAT v0.3.exe
- Size
  
  13.7MB
- MD5
  
  531d8b4ac8f7eb827d62424169321b2b
- SHA1
  
  a269563cbfa32b667f89d709eebc0b6c08b57272
- SHA256
  
  6b2324bb337f722067e6c1b5cef5f64e89338e2beccf95289aaaa2af8a0556b9
- SHA512
  
  24fb3d7430cdd6fa4a80af2982f4334db722e97a0286e97bfc56600d27598710962641837a368a133d6f6a4bd8372f00e9dd49e9c79de14653cbf7360c3e2872
- SSDEEP
  
  98304:HsCsgsZshXVTRZjqFzlV2QpEBjPpRctHtbNqteTzsx9os5nsdhT9s:TRZjq7gwtW9Zi
Score

1^/10
behavioral13
- Target
  
  Revenge-RAT v0.3/Revenge-RAT v0.3/Theme Compiler.exe
- Size
  
  489KB
- MD5
  
  32ca48211b21af0bcc003d4433319671
- SHA1
  
  17e7c3362bc9663ddd10a1add0b5f42bbe51bf83
- SHA256
  
  19c95ad5cf50f8c8273fcd4179c4878ebede832f9234955ac4fd4233b5b6a693
- SHA512
  
  7ce094cd520e5074ec45b9eb23a09e2adc177233de0f17e63cdca124817c3dab4e412c3868aaf24b3efdf67ab7c7f00409bceb38ed5fcfbfc7673de3632b866e
- SSDEEP
  
  6144:qu7c7YdbMKsPcomyThwq1+wtmNG6M1OmN:qu7XdbM50omyhVAi
Score

1^/10
behavioral14

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

RevengeRat Executable

UPX packed file

Loads dropped DLL

Drops desktop.ini file(s)

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14