revengerat | fcfcea85a15e4cfeb120fb025974a9c3c115bba77f1ed860782861bec4e0b926

Sharing

Copy URL

Twitter E-mail

General

Target

a4d7c3a88165ffc52a9fc2edcc662805_JaffaCakes118
Size

3.0MB
Sample

240403-ycmkdsaf5z
MD5

a4d7c3a88165ffc52a9fc2edcc662805
SHA1

b4902b7975a244bdfe82174ccc2358c3b822831b
SHA256

fcfcea85a15e4cfeb120fb025974a9c3c115bba77f1ed860782861bec4e0b926
SHA512

cfb5092b19971a3047365eff3d7137079e071fb334cec4122b17dd49641611381d5a09ad6e295b5b001f1b70b5b185f37da3b0b4a7d8dbc7eae6ad2a674d40f2
SSDEEP

49152:qIjfWJqyJzAfjd15q0KuL7rcLXYRQHUYx4JkUnVrPsVo3UcqcCGGIql:qOfsJzAd15C87MXYuHUx9psVo3onl

Score

10^/10

revengerat stealer

Malware Config

Targets

- Target
  
  a4d7c3a88165ffc52a9fc2edcc662805_JaffaCakes118
- Size
  
  3.0MB
- MD5
  
  a4d7c3a88165ffc52a9fc2edcc662805
- SHA1
  
  b4902b7975a244bdfe82174ccc2358c3b822831b
- SHA256
  
  fcfcea85a15e4cfeb120fb025974a9c3c115bba77f1ed860782861bec4e0b926
- SHA512
  
  cfb5092b19971a3047365eff3d7137079e071fb334cec4122b17dd49641611381d5a09ad6e295b5b001f1b70b5b185f37da3b0b4a7d8dbc7eae6ad2a674d40f2
- SSDEEP
  
  49152:qIjfWJqyJzAfjd15q0KuL7rcLXYRQHUYx4JkUnVrPsVo3UcqcCGGIql:qOfsJzAd15C87MXYuHUx9psVo3onl
Score

7^/10
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  325b008aec81e5aaa57096f05d4212b5
- SHA1
  
  27a2d89747a20305b6518438eff5b9f57f7df5c3
- SHA256
  
  c9cd5c9609e70005926ae5171726a4142ffbcccc771d307efcd195dafc1e6b4b
- SHA512
  
  18362b3aee529a27e85cc087627ecf6e2d21196d725f499c4a185cb3a380999f43ff1833a8ebec3f5ba1d3a113ef83185770e663854121f2d8b885790115afdf
- SSDEEP
  
  192:86d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+2jwK72dwF7dBEnbok:86UdHXcIiY535zBt2jw+BEnbo
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/NSISdl.dll
- Size
  
  14KB
- MD5
  
  a5f8399a743ab7f9c88c645c35b1ebb5
- SHA1
  
  168f3c158913b0367bf79fa413357fbe97018191
- SHA256
  
  dacc88a12d3ba438fdae3535dc7a5a1d389bce13adc993706424874a782e51c9
- SHA512
  
  824e567f5211bf09c7912537c7836d761b0934207612808e9a191f980375c6a97383dbc6b4a7121c6b5f508cbfd7542a781d6b6b196ca24841f73892eec5e977
- SSDEEP
  
  192:tUZTobBDJ68r67wmsvJI5ad9cXzFOVu+mZ/P3p+57CvpVqDxVp01Dwn2GRPgsfA:6Bo/680dCI5adOjFOg9//p27uNw2Go
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/Processes.dll
- Size
  
  56KB
- MD5
  
  cc0bd4f5a79107633084471dbd4af796
- SHA1
  
  09dfcf182b1493161dec8044a5234c35ee24c43a
- SHA256
  
  3b5388e13dab53d53e08791f492ed7d3094a0cee51e9841af83ce02534e0621c
- SHA512
  
  67ba90ec04366e07d0922ffb4dbbb4f12f90b6785b87700adaae29327db9ec2a03d750b229f858db0594f439499d6346fbf1ebc17c77162bf8da027515219ee3
- SSDEEP
  
  768:WmswCIbuzwEmd7Fp4KpDAKngV9tV3rJy63JgaVwoz7si4uYqUYWu1gYwmj552RFB:WmswCIbuzwEy7n3YD3Jgw7shKrp55io
Score

3^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  c17103ae9072a06da581dec998343fc1
- SHA1
  
  b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d
- SHA256
  
  dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f
- SHA512
  
  d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f
- SSDEEP
  
  192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score

3^/10
behavioral10 behavioral9
- Target
  
  DMCustomControls.dll
- Size
  
  76KB
- MD5
  
  2b18682b2ab898c305afa0091aa4e73e
- SHA1
  
  8bebaaab2f2745153fe177d676447e5737a85261
- SHA256
  
  82f6ab7829b69dcbac7bb31298fd28e11d0d1b20f3afec87ce6ebf7c68ae8ebf
- SHA512
  
  3539e72e7a80297ed4fc3d8944c9084c001301f570c83a51c21f46b9d54e6770536deb18639fd17bbde2a9110fdcf25b2a0e2fb811a69805bf8ee889f7db0d5f
- SSDEEP
  
  1536:VSXKwgV2WaY+4j6CYPGYV4SZZ6Msu9fqe5s3qD5Bd:VSXKwO2WDj6C9YV3uKfT1
Score

1^/10
behavioral11 behavioral12
- Target
  
  DMSharedClasses.dll
- Size
  
  56KB
- MD5
  
  4780093749d2f056143b802ccd980228
- SHA1
  
  1029a2c3e2a549103d8e9d63b5ab338afd9b819c
- SHA256
  
  e4d69b5e90056c2cd861703514b6cee5a684784aaf797689e3fadc3f49b11f49
- SHA512
  
  a32a8bd68976d2b5b89311e85674db3a46edc32cf2432ed4a765d81846ff42bc8126d3e8c990770d64f582a54552cbfb302f8873edd51110a883ac0a899f1e01
- SSDEEP
  
  1536:pm9fs+I6dH5DTNA2FFQRus7Zpe+P4uwm:pilI6dH5DW2pslIm
Score

1^/10
behavioral13 behavioral14
- Target
  
  DMStartupWizard.XmlSerializers.dll
- Size
  
  44KB
- MD5
  
  1aa7bb8c1956948d299e77fba8826621
- SHA1
  
  58deedc748f46188885b1c19d534acc6071cbb3d
- SHA256
  
  4f23e2fe07ee20b2a1a00805932fb7b6838202269db5d9d1dea4c82f83b47705
- SHA512
  
  c61d73b17d88a9fcaac8278b6317741dc1f2365b1cc7029d132cffc5eb8635fe45717ee0d859ea3a25f50ca9bf8b1494ac088c964d326dd0be8a6c2b9b3ac08c
- SSDEEP
  
  768:jE9kv9kj9EwOZ/Wy7bjjjjjjjjjjjjjjjaofrDQGS27fCXgYPe47G1EECRh8wjHK:j/wGjjjjjjjjjjjjjjjauYPe47G1EECu
Score

1^/10
behavioral15 behavioral16
- Target
  
  DMStartupWizard.dll
- Size
  
  361KB
- MD5
  
  7f9a4020950160f29fbc6d47f4602721
- SHA1
  
  adb774fcacc4c4fc681497bfe44007b73f0da625
- SHA256
  
  bec638df0f512b5df4d7f76783df149350a7f4bba846bc598b6747b4d9d29ce3
- SHA512
  
  13d833d251d2169bc173b322e14e6622678276582864046a47d1450972a018b46a177191832ae0cd36eccb291ed6b09ad6ed992b809a7cd1b0852f170d46f2af
- SSDEEP
  
  3072:OvBhvBjvBzbDynVr0820q+8G9US77nL7H7V0/LekGpwF92vBwZX6JPD+PjVM5KQ0:wPtzb2RrDjUwjnZie5GswZq
Score

1^/10
behavioral17 behavioral18
- Target
  
  DMUpdater.exe
- Size
  
  81KB
- MD5
  
  0c4cb93abeda5513197a506eb3177c5d
- SHA1
  
  85f56a2fb3fa0547a6906f69ff981b2e0464e4b8
- SHA256
  
  735ac060797d58c250a2121a916db7307b56092ee061a12a9aaac878b02fad8f
- SHA512
  
  0fe3900927028ec09d90df15134233f1886c99637cf32cdb1396e3a78799d61aa7d22e13ee31de36cc43c48c42dfb76c9681546922ec880990b4017706e599a7
- SSDEEP
  
  768:AJVDjSa2cr7NkwVqKira6h/PmUQtLjSa2cr7NkwVqKira6:AvGa2ceXpz1uUQtLGa2ceXpz
Score

1^/10
behavioral19 behavioral20
- Target
  
  DataMaster Launcher.exe
- Size
  
  81KB
- MD5
  
  09a22b3fdb563dc3b060b376491bb4c3
- SHA1
  
  a53a8c8c7634430a056183fc02f80a49861825ef
- SHA256
  
  b6899991ab571815564a445d3e2d7cc68c1ca2ccbd9779a24794216e81691c87
- SHA512
  
  294ed5609e072b66f9b161583057c488d069dedb4f85077df11feb98024d9740533e656860017a33be2daf5cdc7787a4df212b19a1da962de4805788572debb1
- SSDEEP
  
  768:qJjSa2cr7NkwVqKira6FR3WSopjSa2cr7NkwVqKira6:gGa2ceXpzqSopGa2ceXpz
Score

1^/10
behavioral21 behavioral22
- Target
  
  DataMaster MTRMLS.XmlSerializers.dll
- Size
  
  24KB
- MD5
  
  c701b07604e3bb751cb83d865e59e13e
- SHA1
  
  a6b4ddb1723b95a765e3477a7f4735289f11f889
- SHA256
  
  604a164272791d1719b17bf7a5555264a99b3c94aa679a663eb421b5b945d3b5
- SHA512
  
  8fd88d5530228eeefe7f03a8353e06d16a2895fa43c94eeb6dc4a2a0310cf88680fb03eefdc51c3503677b81d1319f62ed2e5a9884c316c3556fae7a2cc32c94
- SSDEEP
  
  384:o13Lb5uSNUlYD1V+hkW9JnWW2Fw81ndw:oiiL0D9JnWW2Fw81ndw
Score

1^/10
behavioral23 behavioral24
- Target
  
  DataMaster MTRMLS.exe
- Size
  
  2.9MB
- MD5
  
  74714366fdeaa96810967317611b47db
- SHA1
  
  b4d131fc884d99df6fff60f610a3719ec6e67385
- SHA256
  
  a8fac63f1bc4c238289e733bef3f32188e814bdcfe6bc6cb455bf02bc4a24ce3
- SHA512
  
  6d9b9f643c1c61aeb79653099008c21880d218d3fc3b9bdaab29bb56365b77bceb8e33824cea7ccb1a80976697b53b61d37d24d53e13c38aa10ac048d412d21b
- SSDEEP
  
  12288:IqWSxoDiUUXGa05zsHqeNrZee/jyP9SAdgMiEphOZLmVnow5UiR8qDLs3gUE/Tlq:E1DMXGQ9BsmhWe2djfzOn0I+
Score

1^/10
behavioral25 behavioral26
- Target
  
  DataMaster.Providers.CrsData.XmlSerializers.dll
- Size
  
  56KB
- MD5
  
  b10b890db95fa06eb4a43c654233a3f7
- SHA1
  
  b9f0869dfdbb16a6fb0826a00643aba89b87124e
- SHA256
  
  9dd953e526c16fb49746aa31c7ceac481e5a40323ce9649c610d0fc5be1b0c5f
- SHA512
  
  1d6895160201079a54210cc8c92e9f2420e8c8f74a8105714ba03bd2cd921782ff17278607182e1eacc89eaeab4bd9fff0867bb48902d432bed2d9039de89364
- SSDEEP
  
  768:d64PF4+4NVpxNOE+Ykqruorp/9gfVN+UjY:Ru3xQHYkGrp/9gfV8UjY
Score

1^/10
behavioral27 behavioral28
- Target
  
  DataMaster.Providers.CrsData.dll
- Size
  
  31KB
- MD5
  
  117e9b7beba02ea85b0e226339a16da3
- SHA1
  
  d3c1961cef29e0e83e39bcfe8f1143cd77832706
- SHA256
  
  662038d8bea914df39196d0aca3fec3f7ec87392161f215625e08f47e7cadaa5
- SHA512
  
  2a1950fc6e6114e90e151a82f37480ac4f207e1730937dabf448d1a4a02952617ccaa511c3a8dc2fc301e4aedd2dfd8783b5c5a22fef432de1ca2385a2f1bf0f
- SSDEEP
  
  768:yYVggc0nv8C4XPL3CEkerFHiVacVqrVwrFy:yYVTcgv8C4XAeuJy
Score

1^/10
behavioral29 behavioral30
- Target
  
  DataMasterAssociater.exe
- Size
  
  89KB
- MD5
  
  ec8a7905500021c1c725078978574a95
- SHA1
  
  7068476c78cd31b9e3ce8825d447757f87582ea8
- SHA256
  
  8ba871af5e82d451a1f7e5be57c27fd3002cd66159dcdb63c1fe10047f49116c
- SHA512
  
  ffbce296fb775b7091aebf195132de5378c7fe84791b25f9bfdaa72870334c1c9dbe920f3ad9869f2b8ba282dc1a44bc787dfcffc8906b9ba13e496052c3bc24
- SSDEEP
  
  768:Qflfmv1jSa2cr7NkwVqKira6Gqvg3foDxXWLAbLwTeavjSa2cr7NkwVqKira6:Qa1Ga2ceXpzGq9DVCAgVvGa2ceXpz
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Targets

Loads dropped DLL

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32