revengerat | 43fb57e3bb4dd2017de2c53b308a8bd4a98f580d12d38884a615a3501be2d9de | Triage

Sharing

General

Target

540e41e28d057a499cfc5336c1bdb79d_JaffaCakes118
Size

17KB
Sample

240518-lem8gsdd39
MD5

540e41e28d057a499cfc5336c1bdb79d
SHA1

04b46b5c405ebe9c6f9f85ae941df22be70f2e02
SHA256

43fb57e3bb4dd2017de2c53b308a8bd4a98f580d12d38884a615a3501be2d9de
SHA512

71a4616272cb91ff981d4e87dafc4bb074ca4119d140297b4e79a74b0fb9f8b49f29d9bc8b01ad59963304b240657e599cedff6086011c5e23a64a631beb40b0
SSDEEP

384:Y3m7g8KllrOO+r39oDPlMNcLlb5sVKGVym5Ct:Y3m7g8Klld0clMNE4o

Score

10^/10

revengerat guest stealer

Malware Config

Extracted

Family

revengerat

Botnet

Guest

C2

mdformo.ddns.net:81

mdformo1.ddns.net:81

Mutex

RV_MUTEX-hHuiGGjjtnxD

Targets

- Target
  
  540e41e28d057a499cfc5336c1bdb79d_JaffaCakes118
- Size
  
  17KB
- MD5
  
  540e41e28d057a499cfc5336c1bdb79d
- SHA1
  
  04b46b5c405ebe9c6f9f85ae941df22be70f2e02
- SHA256
  
  43fb57e3bb4dd2017de2c53b308a8bd4a98f580d12d38884a615a3501be2d9de
- SHA512
  
  71a4616272cb91ff981d4e87dafc4bb074ca4119d140297b4e79a74b0fb9f8b49f29d9bc8b01ad59963304b240657e599cedff6086011c5e23a64a631beb40b0
- SSDEEP
  
  384:Y3m7g8KllrOO+r39oDPlMNcLlb5sVKGVym5Ct:Y3m7g8Klld0clMNE4o
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

stealerguestrevengerat

behavioral1

behavioral2