revengerat | 15ff1329be3e7d2e9153a0379db6ad0f1253595192764ca9b4ff0e1493559fa4 | Triage

Submit
Reports

Overview

overview

Static

static

7

34da8ede6e...18.exe

windows7-x64

34da8ede6e...18.exe

windows10-2004-x64

Sharing

General

Target

34da8ede6e0b9e07af2a8dd00322a3e9_JaffaCakes118
Size

1.1MB
Sample

240511-qyfpzach74
MD5

34da8ede6e0b9e07af2a8dd00322a3e9
SHA1

cd03a12801204768043d4ff9b227dab53cc61138
SHA256

15ff1329be3e7d2e9153a0379db6ad0f1253595192764ca9b4ff0e1493559fa4
SHA512

040d7d75d73a7c615de29ac6b245efe9a0f463a536f0b4cbb99057261b17f2cd575f213800c8c6cc8346e2256b152f3c991c007ab533c98f6ff9c4700df23abc
SSDEEP

24576:7q5TfcdHj4fmb02qT0MmV0VMXLG3on1Gx1s4oo5osSxv:7UTsamQxto1no5oB

Score

10^/10

revengerat stealer trojan upx

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

34da8ede6e0b9e07af2a8dd00322a3e9_JaffaCakes118.exe

Resource

win7-20240221-en

revengerat stealer trojan upx

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

34da8ede6e0b9e07af2a8dd00322a3e9_JaffaCakes118.exe

Resource

win10v2004-20240508-en

revengerat stealer trojan upx

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  34da8ede6e0b9e07af2a8dd00322a3e9_JaffaCakes118
- Size
  
  1.1MB
- MD5
  
  34da8ede6e0b9e07af2a8dd00322a3e9
- SHA1
  
  cd03a12801204768043d4ff9b227dab53cc61138
- SHA256
  
  15ff1329be3e7d2e9153a0379db6ad0f1253595192764ca9b4ff0e1493559fa4
- SHA512
  
  040d7d75d73a7c615de29ac6b245efe9a0f463a536f0b4cbb99057261b17f2cd575f213800c8c6cc8346e2256b152f3c991c007ab533c98f6ff9c4700df23abc
- SSDEEP
  
  24576:7q5TfcdHj4fmb02qT0MmV0VMXLG3on1Gx1s4oo5osSxv:7UTsamQxto1no5oB
Score

10^/10

revengerat stealer trojan upx
- RevengeRAT
  Remote-access trojan with a wide range of capabilities.
  trojan revengerat
- RevengeRat Executable
  stealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- AutoIT Executable
  AutoIT scripts compiled to PE executables.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

revengeratstealertrojanupx

behavioral2

revengeratstealertrojanupx

© 2018-2025

Terms | Privacy