revengerat | 013fefe1917cdeedc66a5e4bee5417894491591296a91a507224ae5af9618cda | Triage

Submit
Reports

Overview

overview

Static

static

1

RES094464-2180.ppam

windows7-x64

RES094464-2180.ppam

windows10-2004-x64

Sharing

General

Target

RES094464-2180.ppam
Size

28KB
Sample

240416-szr6hadf74
MD5

7e0c3f4ee3bb201339b0be1e73142374
SHA1

bb1dbdfd0cbbdb0f33dba0502d896224ba567680
SHA256

013fefe1917cdeedc66a5e4bee5417894491591296a91a507224ae5af9618cda
SHA512

5398377cd90f8aa3b8834eef60fcf438c9eeed154e78447b902e04b1f5071726aa03c2bcca5280da1c8e06649b9a01f7645638ae6cd09f8a68f69fe41f299da4
SSDEEP

768:VPKiNgILNl1pb2GdSXlWEsusK+oCx7oho6n7vtxUkO:VC6vgIS4tokyH7lmkO

Score

10^/10

revengerat nyancatrevenge trojan

Static task

static1

Behavioral task

behavioral1

Sample

RES094464-2180.ppam

Resource

win7-20240221-en

revengerat nyancatrevenge trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

RES094464-2180.ppam

Resource

win10v2004-20240412-en

revengerat nyancatrevenge trojan

windows10-2004-x64

15 signatures

150 seconds

Malware Config

Extracted

Family

revengerat

Botnet

NyanCatRevenge

C2

craxsrat.ddns.com.br:333

Mutex

27d7e6701f5e

Targets

- Target
  
  RES094464-2180.ppam
- Size
  
  28KB
- MD5
  
  7e0c3f4ee3bb201339b0be1e73142374
- SHA1
  
  bb1dbdfd0cbbdb0f33dba0502d896224ba567680
- SHA256
  
  013fefe1917cdeedc66a5e4bee5417894491591296a91a507224ae5af9618cda
- SHA512
  
  5398377cd90f8aa3b8834eef60fcf438c9eeed154e78447b902e04b1f5071726aa03c2bcca5280da1c8e06649b9a01f7645638ae6cd09f8a68f69fe41f299da4
- SSDEEP
  
  768:VPKiNgILNl1pb2GdSXlWEsusK+oCx7oho6n7vtxUkO:VC6vgIS4tokyH7lmkO
Score

10^/10

revengerat nyancatrevenge trojan
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- RevengeRAT
  Remote-access trojan with a wide range of capabilities.
  trojan revengerat
- Blocklisted process makes network request
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

revengeratnyancatrevengetrojan

behavioral2

revengeratnyancatrevengetrojan

© 2018-2024

Terms | Privacy