revengerat | 85e9a8d8534e40e9f4c31205ebfcccbb5fea486f16f20e79736b40e7148c5ea2 | Triage

Sharing

General

Target

ytest.exe
Size

17KB
Sample

240507-2x2rlafd95
MD5

bea42ab66c20e55f6eb2746eb051e7f8
SHA1

3fa591e857edfd560ddf6536974126f18159996b
SHA256

85e9a8d8534e40e9f4c31205ebfcccbb5fea486f16f20e79736b40e7148c5ea2
SHA512

4ee14c1d306e81c535ee7071474b539abdbdc681dbfa9f6f128744073610230252d1ce273699044edd1b3886e41e217b8d3dde18d4550c7c51b58fcb688280bf
SSDEEP

384:UHzdzvqfxqvv2HP9oDPlMNcLlb5sVK6yI5Ct:ezdzvqUvvwclMNEKo

Score

10^/10

revengerat guest stealer

Malware Config

Extracted

Family

revengerat

Botnet

Guest

C2

127.0.0.1:333

127.0.0.1:35477

rachelere-35477.portmap.host:333

rachelere-35477.portmap.host:35477

Mutex

RV_MUTEX

Targets

- Target
  
  ytest.exe
- Size
  
  17KB
- MD5
  
  bea42ab66c20e55f6eb2746eb051e7f8
- SHA1
  
  3fa591e857edfd560ddf6536974126f18159996b
- SHA256
  
  85e9a8d8534e40e9f4c31205ebfcccbb5fea486f16f20e79736b40e7148c5ea2
- SHA512
  
  4ee14c1d306e81c535ee7071474b539abdbdc681dbfa9f6f128744073610230252d1ce273699044edd1b3886e41e217b8d3dde18d4550c7c51b58fcb688280bf
- SSDEEP
  
  384:UHzdzvqfxqvv2HP9oDPlMNcLlb5sVK6yI5Ct:ezdzvqUvvwclMNEKo
Score

1^/10
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

stealerguestrevengerat

behavioral1

behavioral2

behavioral3