revengerat | c37430f6f2249e0faff20595f0677955cd2c1f727f94bff53f21ecc894e340f6 | Triage

Sharing

General

Target

explorer.exe
Size

133KB
Sample

230806-wlgz6abd96
MD5

247976d7e405bfd0f716a3d5f2cd499b
SHA1

dbcf03a94b3cced51ebe42af6f860e8d898f2459
SHA256

c37430f6f2249e0faff20595f0677955cd2c1f727f94bff53f21ecc894e340f6
SHA512

664b189c6b99b8927bb6fdb52c2c3f0031e88edc1dac80c8f6da5682ac30f17f295bed739df56e4bb754dca773c9eeb4e4b56fc3c36ccda0ab182ad54dd7edad
SSDEEP

3072:DjC4DKvke46oEabPu97HZO4Aue/sobH0hLNM:3C4DKvh4PbPETZ4uLoUT

Score

10^/10

revengerat persistence stealer trojan

Malware Config

Targets

- Target
  
  explorer.exe
- Size
  
  133KB
- MD5
  
  247976d7e405bfd0f716a3d5f2cd499b
- SHA1
  
  dbcf03a94b3cced51ebe42af6f860e8d898f2459
- SHA256
  
  c37430f6f2249e0faff20595f0677955cd2c1f727f94bff53f21ecc894e340f6
- SHA512
  
  664b189c6b99b8927bb6fdb52c2c3f0031e88edc1dac80c8f6da5682ac30f17f295bed739df56e4bb754dca773c9eeb4e4b56fc3c36ccda0ab182ad54dd7edad
- SSDEEP
  
  3072:DjC4DKvke46oEabPu97HZO4Aue/sobH0hLNM:3C4DKvh4PbPETZ4uLoUT
Score

10^/10

revengerat persistence stealer trojan
- RevengeRAT
  Remote-access trojan with a wide range of capabilities.
  trojan revengerat
- RevengeRat Executable
  stealer
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

revengeratpersistencestealertrojan

behavioral2