Overview

overview

10

Static

static

5

NEAS.75e10...60.exe

windows7-x64

10

NEAS.75e10...60.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    NEAS.75e10091f85746236b13d3942516be60.exe

  • Size

    901KB

  • Sample

    231103-jy3q6sec4w

  • MD5

    75e10091f85746236b13d3942516be60

  • SHA1

    079d7479f16b7c3cd84abe158a8e05ef6b77539d

  • SHA256

    fd211fca40da3299ec27ad50f51b5955909a94daa883e8c84c01ae74da2e7652

  • SHA512

    960c7d08ad75ba60c3d314e0f05cbe5900d6148fce32cdd3731e8c0debd08915b6c54c3e389e70c9c8f02c9d5627c4746cefafdb767a1b9b2246c14fa5a7ea73

  • SSDEEP

    24576:ZAHnh+eWsN3skA4RV1Hom2KXMmHaKZa5H:gh+ZkldoPK8YaKGH

Score
10/10
revengeratmarzo26stealertrojan

Malware Config

Extracted

Family

revengerat

Botnet

Marzo26

C2

marzorevenger.duckdns.org:4230

Mutex

RV_MUTEX-PiGGjjtnxDpn

Targets

    • Target

      NEAS.75e10091f85746236b13d3942516be60.exe

    • Size

      901KB

    • MD5

      75e10091f85746236b13d3942516be60

    • SHA1

      079d7479f16b7c3cd84abe158a8e05ef6b77539d

    • SHA256

      fd211fca40da3299ec27ad50f51b5955909a94daa883e8c84c01ae74da2e7652

    • SHA512

      960c7d08ad75ba60c3d314e0f05cbe5900d6148fce32cdd3731e8c0debd08915b6c54c3e389e70c9c8f02c9d5627c4746cefafdb767a1b9b2246c14fa5a7ea73

    • SSDEEP

      24576:ZAHnh+eWsN3skA4RV1Hom2KXMmHaKZa5H:gh+ZkldoPK8YaKGH

    Score
    10/10
    revengeratmarzo26stealertrojan

    • RevengeRAT

      Remote-access trojan with a wide range of capabilities.

      trojanrevengerat

    • RevengeRat Executable

      stealer

    • Drops startup file

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks