revengerat | 0b75f86bd7c01f5273a67caa8d0fae6ddba35a6d51d041e51586dec3b1c46c74 | Triage

Submit
Reports

Overview

overview

Static

static

1

Догов...а.exe

windows7-x64

Догов...а.exe

windows10-2004-x64

Образец.docx

windows7-x64

4

Образец.docx

windows10-2004-x64

1

Sharing

General

Target

JC_0b75f86bd7c01f5273a67caa8d0fae6ddba35a6d51d041e51586dec3b1c46c74
Size

134KB
Sample

230905-sh76dsge46
MD5

3ba8dd93d17ddd1e317616ad826e024f
SHA1

854e2b2b77a9f6d9bd466c0a2d91bf38c8b484a1
SHA256

0b75f86bd7c01f5273a67caa8d0fae6ddba35a6d51d041e51586dec3b1c46c74
SHA512

94c357225c0de5f4a58c22a98e20bbeb0723ed903de0fb895f962ae029945ca1c2ed904a1460739c3c2e85cb7df8744d4b3454a3527db967a5c1724d29006f7f
SSDEEP

3072:htCTqDQ0L73P6j3VbcyzWfsM9FQrunzn2/GZm6mEAr0Nv/APzktoccQ:+YQY7fo17zWfsM9FQruzn2/Gm6Zw0NXY

Score

10^/10

revengerat spam stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

Договор на оказании услуг № 118 от 4 сентября 2023 года.exe

Resource

win7-20230831-en

revengerat spam stealer trojan

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

Договор на оказании услуг № 118 от 4 сентября 2023 года.exe

Resource

win10v2004-20230831-en

revengerat spam stealer trojan

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral3

Sample

Образец.docx

Resource

win7-20230831-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral4

Sample

Образец.docx

Resource

win10v2004-20230831-en

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

revengerat

Botnet

SPAM

C2

rampage.myvnc.com:7997

Mutex

RV_MUTEX-HLONSnIELecwCkj

Targets

- Target
  
  Договор на оказании услуг № 118 от 4 сентября 2023 года.exe
- Size
  
  181KB
- MD5
  
  ae54265ffb04a170169e6388cf5961b7
- SHA1
  
  8407b1995f1978615ca5fd56178902407d88f0b8
- SHA256
  
  fee5a8b8885707851e24603d70a6536c9165a804a277b575d709cad6189b2868
- SHA512
  
  0d515b96d56363d8fab44057811d66cb56082141b8ad826e79cd8d0500804e3d93c4b8a2caab0eafd7fb17f39ac44ffd06e56b0a4ba5530235fe8b49bd5a6022
- SSDEEP
  
  3072:1l48jJskK8OwrtPKy2VsV35gGAq1FB5PXyL0Iat6RpkSMei07TIQRQ:Q8jJ88OwrtPKy2SVJg2xbIat6NMei4q
Score

10^/10

revengerat spam stealer trojan
- RevengeRAT
  Remote-access trojan with a wide range of capabilities.
  trojan revengerat
- RevengeRat Executable
  stealer
- Suspicious use of SetThreadContext
behavioral1 behavioral2
- Target
  
  Образец.docx
- Size
  
  32KB
- MD5
  
  fc590f6ef1a1ba4210639167f6109006
- SHA1
  
  72427384650bb906185e2dd1f1e7414eb34c246d
- SHA256
  
  f0bbb270002901ea81a5b0c017fc334c477e322abf3236242db410de4a566130
- SHA512
  
  e89ea97f7b40e494fe3aa24f3f7e918cd991a0c9b0282526e6911569ad8a286bce5b69a881087f1a71a8c8e796e0ab71102822f7fd5a88505b2becef9abb3f52
- SSDEEP
  
  768:3vBxEeTbR6GQPZ05AhQpnctEWRDznHB5YzFYz1HxkO:JZPR6GQPQAa6hfHB4c1HCO
Score

4^/10
behavioral3 behavioral4

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

revengeratspam stealertrojan

behavioral2

revengeratspam stealertrojan

behavioral3

behavioral4

© 2018-2024

Terms | Privacy