revengerat | 513d11e94e1524f5d0c8cd126c4ff9ef3864c41a155494ee8b3fb1e71ddb5250 | Triage

Sharing

General

Target

1bc919d940d88583f726e3cf425ec2a3
Size

17KB
Sample

231221-2tnessffhn
MD5

1bc919d940d88583f726e3cf425ec2a3
SHA1

321c7e739f9861686813d28c350062ce7f8a763f
SHA256

513d11e94e1524f5d0c8cd126c4ff9ef3864c41a155494ee8b3fb1e71ddb5250
SHA512

80c95b403f71eedd529caab66b5b075846ef9a88a0668b9655503ec760a5ccd64742cc3f51440c5a342b54ad7f4590c165f487689857b3584e60eb2306ab7c0e
SSDEEP

384:P0FAtnQlapx7njALT9oDPlMNcLlb5sVK2yG5Ct:P0FAlQlc7jAXclMNEko

Score

10^/10

revengerat guest stealer

Malware Config

Extracted

Family

revengerat

Botnet

Guest

C2

127.0.0.1:333

127.0.0.1:2019

administratorsheel.duckdns.org:333

administratorsheel.duckdns.org:2019

Mutex

RV_MUTEX

Targets

- Target
  
  1bc919d940d88583f726e3cf425ec2a3
- Size
  
  17KB
- MD5
  
  1bc919d940d88583f726e3cf425ec2a3
- SHA1
  
  321c7e739f9861686813d28c350062ce7f8a763f
- SHA256
  
  513d11e94e1524f5d0c8cd126c4ff9ef3864c41a155494ee8b3fb1e71ddb5250
- SHA512
  
  80c95b403f71eedd529caab66b5b075846ef9a88a0668b9655503ec760a5ccd64742cc3f51440c5a342b54ad7f4590c165f487689857b3584e60eb2306ab7c0e
- SSDEEP
  
  384:P0FAtnQlapx7njALT9oDPlMNcLlb5sVK2yG5Ct:P0FAlQlc7jAXclMNEko
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

stealerguestrevengerat

behavioral1

behavioral2