revengerat | 9b71cc8cba058ca46d19910c8ab923f13e3bab97be36f22bdc8b7a54e9b0bc6b | Triage

Sharing

General

Target

50c9178111217d5dd2be6e1f4ed0da30_NeikiAnalytics
Size

399KB
Sample

240514-cbebqsfb32
MD5

50c9178111217d5dd2be6e1f4ed0da30
SHA1

44b0437d2ab93187cfebfe957dcbe80642070f65
SHA256

9b71cc8cba058ca46d19910c8ab923f13e3bab97be36f22bdc8b7a54e9b0bc6b
SHA512

5382935d54e2dbdc67f598914f96715584e91dbf63cb82be894e34900bcf1db130a06ac05b30fb217b462642a0b275f8d1e9761bcf25b9fdee450a7d92b1e56d
SSDEEP

6144:zsf2hltcA3MAIxsI2uovynPT4tVoDhDsiFXU3TFSGLLZOb7GF:zsf2hldla2nynCSDhPFXU3TFSGH0b7

Score

10^/10

revengerat guest trojan

Malware Config

Extracted

Family

revengerat

Botnet

Guest

C2

127.0.0.1:333

Mutex

RV_MUTEX

Targets

- Target
  
  50c9178111217d5dd2be6e1f4ed0da30_NeikiAnalytics
- Size
  
  399KB
- MD5
  
  50c9178111217d5dd2be6e1f4ed0da30
- SHA1
  
  44b0437d2ab93187cfebfe957dcbe80642070f65
- SHA256
  
  9b71cc8cba058ca46d19910c8ab923f13e3bab97be36f22bdc8b7a54e9b0bc6b
- SHA512
  
  5382935d54e2dbdc67f598914f96715584e91dbf63cb82be894e34900bcf1db130a06ac05b30fb217b462642a0b275f8d1e9761bcf25b9fdee450a7d92b1e56d
- SSDEEP
  
  6144:zsf2hltcA3MAIxsI2uovynPT4tVoDhDsiFXU3TFSGLLZOb7GF:zsf2hldla2nynCSDhPFXU3TFSGH0b7
Score

10^/10

revengerat guest trojan
- RevengeRAT
  Remote-access trojan with a wide range of capabilities.
  trojan revengerat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

revengeratguesttrojan

behavioral2

revengeratguesttrojan