revengerat | 76238af88d9a95bd3c17b150465d6dc8f0734d9b25670d8bd10d63559a55b615

Sharing

Copy URL

Twitter E-mail

General

Target

b748e68c3b132a964735e64fdcdab877_JaffaCakes118
Size

3.0MB
Sample

240617-hnxlqstapk
MD5

b748e68c3b132a964735e64fdcdab877
SHA1

9e6e18b4368d91cbf60af4b7ab7ecb7b3d0354a5
SHA256

76238af88d9a95bd3c17b150465d6dc8f0734d9b25670d8bd10d63559a55b615
SHA512

9ddd0fd7ad0395af9147f4bec255aedb32fbfbeb9be5a9cf2952c30f9a39db46a96ea194d4166742fd942a076a1b014418b6a66c0d8ee2f1171128827fa6194b
SSDEEP

49152:sTKVqrkZt9zHRK8wHGkNmL8MzYjNJSszKUqGDbc1oODEydI+YdYl8gt:sTKVqY/9zxXwHGQmL8LSUK/p7EydI3aT

Score

10^/10

revengerat stealer

Malware Config

Targets

- Target
  
  b748e68c3b132a964735e64fdcdab877_JaffaCakes118
- Size
  
  3.0MB
- MD5
  
  b748e68c3b132a964735e64fdcdab877
- SHA1
  
  9e6e18b4368d91cbf60af4b7ab7ecb7b3d0354a5
- SHA256
  
  76238af88d9a95bd3c17b150465d6dc8f0734d9b25670d8bd10d63559a55b615
- SHA512
  
  9ddd0fd7ad0395af9147f4bec255aedb32fbfbeb9be5a9cf2952c30f9a39db46a96ea194d4166742fd942a076a1b014418b6a66c0d8ee2f1171128827fa6194b
- SSDEEP
  
  49152:sTKVqrkZt9zHRK8wHGkNmL8MzYjNJSszKUqGDbc1oODEydI+YdYl8gt:sTKVqY/9zxXwHGQmL8LSUK/p7EydI3aT
Score

7^/10
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  325b008aec81e5aaa57096f05d4212b5
- SHA1
  
  27a2d89747a20305b6518438eff5b9f57f7df5c3
- SHA256
  
  c9cd5c9609e70005926ae5171726a4142ffbcccc771d307efcd195dafc1e6b4b
- SHA512
  
  18362b3aee529a27e85cc087627ecf6e2d21196d725f499c4a185cb3a380999f43ff1833a8ebec3f5ba1d3a113ef83185770e663854121f2d8b885790115afdf
- SSDEEP
  
  192:86d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+2jwK72dwF7dBEnbok:86UdHXcIiY535zBt2jw+BEnbo
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/NSISdl.dll
- Size
  
  14KB
- MD5
  
  a5f8399a743ab7f9c88c645c35b1ebb5
- SHA1
  
  168f3c158913b0367bf79fa413357fbe97018191
- SHA256
  
  dacc88a12d3ba438fdae3535dc7a5a1d389bce13adc993706424874a782e51c9
- SHA512
  
  824e567f5211bf09c7912537c7836d761b0934207612808e9a191f980375c6a97383dbc6b4a7121c6b5f508cbfd7542a781d6b6b196ca24841f73892eec5e977
- SSDEEP
  
  192:tUZTobBDJ68r67wmsvJI5ad9cXzFOVu+mZ/P3p+57CvpVqDxVp01Dwn2GRPgsfA:6Bo/680dCI5adOjFOg9//p27uNw2Go
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/Processes.dll
- Size
  
  56KB
- MD5
  
  cc0bd4f5a79107633084471dbd4af796
- SHA1
  
  09dfcf182b1493161dec8044a5234c35ee24c43a
- SHA256
  
  3b5388e13dab53d53e08791f492ed7d3094a0cee51e9841af83ce02534e0621c
- SHA512
  
  67ba90ec04366e07d0922ffb4dbbb4f12f90b6785b87700adaae29327db9ec2a03d750b229f858db0594f439499d6346fbf1ebc17c77162bf8da027515219ee3
- SSDEEP
  
  768:WmswCIbuzwEmd7Fp4KpDAKngV9tV3rJy63JgaVwoz7si4uYqUYWu1gYwmj552RFB:WmswCIbuzwEy7n3YD3Jgw7shKrp55io
Score

3^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  c17103ae9072a06da581dec998343fc1
- SHA1
  
  b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d
- SHA256
  
  dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f
- SHA512
  
  d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f
- SSDEEP
  
  192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score

3^/10
behavioral10 behavioral9
- Target
  
  DMCustomControls.dll
- Size
  
  76KB
- MD5
  
  3913cc498215d9cfbf4884828a2eda2a
- SHA1
  
  8034bfe7cf4c88e28724372f7314b80082824ce8
- SHA256
  
  cfd6bc9269f8b7fd928eddce59229beb99458552e1e31da25bd60eb8cdaa54b7
- SHA512
  
  9235b07077638489a8c1a15880c09cc4075bee529a8e369d0f94e87d00033be63ba05678bbcdb66a6ac5708fb9777996dea3471b6693a01f7da4190e7e187582
- SSDEEP
  
  1536:CSXKwgV2WaY+4j6CYPGYV4SZZ6Msu9fqeDs3qD55d:CSXKwO2WDj6C9YV3uKfVB
Score

1^/10
behavioral11 behavioral12
- Target
  
  DMSharedClasses.dll
- Size
  
  56KB
- MD5
  
  5112e5f05daac0e8f5f5972b9f8555ac
- SHA1
  
  519021c203729adb3638609d01769f5f8ad0c474
- SHA256
  
  f66698c9cfa4c9bb88c9e8fa655970e5803e35f7b7d2eb70b47f3a65d0155f7a
- SHA512
  
  07b584d465a0f6900224cdae8a26fc1df4478ac8802ccbbca076388f60557315ab4b94f9643031c64a678f735345b032910d043b7e4371dc5a9ff23ce28a56f7
- SSDEEP
  
  1536:Xm9fs+I6dH5DTNA2FFQRus7Zpe+P4uxm:XilI6dH5DW2pslJm
Score

1^/10
behavioral13 behavioral14
- Target
  
  DMStartupWizard.XmlSerializers.dll
- Size
  
  44KB
- MD5
  
  a9f7f4f73a16014086c7f529e9d9ae43
- SHA1
  
  bfb51735de0f0f641aeafd89e3b671acd08cb3a1
- SHA256
  
  4a36e36ac8f15cc2db3a9e5c26503812c8c3c4d1b306a558bdcab50cadcbf451
- SHA512
  
  8369015fbf3efd710d8b91c7345dbee4e62e8c826cecec1acf86c63d994ea1c9d8d03ff265a94a27ac603956737567261524e23dea99f6ce3b6e6ca4eef59728
- SSDEEP
  
  768:sE9kv9kj9EwOZ/Wy7bjjjjjjjjjjjjjjjaofrDQGS27fCXgYPe47G1EECRh8wjH7:s/wGjjjjjjjjjjjjjjjauYPe47G1EECf
Score

1^/10
behavioral15 behavioral16
- Target
  
  DMStartupWizard.dll
- Size
  
  361KB
- MD5
  
  b5657fb4bccab65b1a34734948ff6c1d
- SHA1
  
  edea291922d02536f86e71dfb498adccb4b70cc1
- SHA256
  
  b73ca7d7a4d411e29856594ce0b91d6dbbfc61d5e6274ce40c7261109a133882
- SHA512
  
  118aa13004adaa8065e13481277284fd6aef27518526e298206bce44a1e684f7bd4170bf2b483eab8694519ef2d612a959fd85645d14816c7032d6256897a1e4
- SSDEEP
  
  3072:QvBhvBjvBzbDynVr0820q+8G9US77nL7H7V0/LekGpwF92vBwZX6JPD+PjVM5KQI:2Ptzb2RrDjUwjnZie5GswZq
Score

1^/10
behavioral17 behavioral18
- Target
  
  DMUpdater.exe
- Size
  
  81KB
- MD5
  
  ac068acc0255295173f2dc64e9a99ad6
- SHA1
  
  157fe54ed59d8fa77ffad2af89cb9a91c8cea106
- SHA256
  
  7fc67402da5d211b99edcd4311e691143530c147cd918dcce0aad15850479248
- SHA512
  
  c1a86e349b4ae4139910bca94b45c8348533ee0129f6261ddac01ea70d43a3e5431977108a0239edfcec57344bf3d1f82f7b03af2858bb2438705f836c1cc738
- SSDEEP
  
  768:ZJVDjSa2cr7NkwVqKira6hZPmkQ0rjSa2cr7NkwVqKira6:ZvGa2ceXpzXukQ0rGa2ceXpz
Score

1^/10
behavioral19 behavioral20
- Target
  
  DataMaster Launcher.exe
- Size
  
  81KB
- MD5
  
  baec4eb3fe1c94461a5fb0f3bea0b0cd
- SHA1
  
  24014f572881c5ff9f9132765a767bf2fc885784
- SHA256
  
  e96f59c6d1555bebae32f994655646a0434e4705e7868d2c88a65883350c48f0
- SHA512
  
  fc8b06804227386311b0573958b92a10e0688864b74ca5257922460ba88fb597bfafe899a1ee513cbdcbb4e69b9c403ef49ed7f0779e296b15f1f99b3dbab323
- SSDEEP
  
  768:NJjSa2cr7NkwVqKira6FT3sSZpjSa2cr7NkwVqKira6:DGa2ceXpzWSZpGa2ceXpz
Score

1^/10
behavioral21 behavioral22
- Target
  
  DataMaster MAARMLS.XmlSerializers.dll
- Size
  
  28KB
- MD5
  
  1b487b91b7261786a19fc19384168d70
- SHA1
  
  b83dd32e14777a3304619c772534e5ced3d03b51
- SHA256
  
  6b6df948f54d08fcdd6b636e6a53341ea0ccebd9f33a32e0fbda51e3373ebdde
- SHA512
  
  233a118adbd759211b6409343aa3e0ce1d0fa329c67d34503d0f79c584c3a85ce798860c3c2c20449d9aa0b9af69a15668399c1a429e6839b48da89f22fbf05a
- SSDEEP
  
  768:I36S00pSfEWu6l5MrwYhN20Frc9ZTMWp3+AnBzh:/S0Grc9ZTMWp3+AnBzh
Score

1^/10
behavioral23 behavioral24
- Target
  
  DataMaster MAARMLS.exe
- Size
  
  2.9MB
- MD5
  
  e4d2fb2ff74eda5cc91d71985694f2ce
- SHA1
  
  1e1bfbb4c479dc5e35155227925dd8d27057eb20
- SHA256
  
  fe31b1091c4613ca918fa80699212964592e0a1964e70094e83914b811f10f4a
- SHA512
  
  5968bea0368fbac4fe86d97c94a4bce52c663c10b81258c745ff98208eb64cb1f050dc81ce0590c176f0578bf63fa9bf2501d6e04ec3c4f0d394915f173598ce
- SSDEEP
  
  12288:vb+KLPxmIQWS7nDY1lLZpGT7mm1UhglFYgHXMmpZmyBR5CM138QLlMUUM5+2WK2F:vbnLPEnTXmhWSdXA+SCvpnz03Q
Score

1^/10
behavioral25 behavioral26
- Target
  
  DataMasterAssociater.exe
- Size
  
  89KB
- MD5
  
  32f583dda22ea87660e2efadf0469e0e
- SHA1
  
  a85cefcb43e3754026cb2e37accbefa845d0f0be
- SHA256
  
  51ac95395defb7a2816b00650d5a3c8a8af2fd182b84290e347bb4bcdc0f9765
- SHA512
  
  91c486503cc918b420e12c65e7df203a57c55361f2031fce10846b16c43037df573a31ad1b6bdfa09f795b08f12b8fc8f0da800dc78930546076d6b73e06a603
- SSDEEP
  
  768:/flfmv1jSa2cr7NkwVqKira6Gqvg3BoDxXWLAbbwTOnvjSa2cr7NkwVqKira6:/a1Ga2ceXpzGqnDVCAIcvGa2ceXpz
Score

1^/10
behavioral27 behavioral28
- Target
  
  DataMasterDDE.exe
- Size
  
  46KB
- MD5
  
  5bb75b18dac75e75c01d10b07ec2cc14
- SHA1
  
  782ffa3936a0e29fe74f68b19d25edb6fae5400a
- SHA256
  
  5ed16243dff6793d6e19eee784a4b879f75127563d058ef64c99a3e506b332ba
- SHA512
  
  9e95cf076596a66ef1e49b8a07b6dd1af3dc786e6e0bddc583f1a665888eb961f4e66b6f2637564a29ca1683d6355e22256896920917ffb15270bc616af4869d
- SSDEEP
  
  384:uGh4oUj2kpIZ7M4w9u46m26q2kGnKvRvGuRgP2crsW9NW7QhVqKmdDfokgKbuikw:uFoCpI4uw2WnjSa2cr7NkwVqKira6
Score

1^/10
behavioral29 behavioral30
- Target
  
  DataMasterPlus.XmlSerializers.dll
- Size
  
  88KB
- MD5
  
  df8dc372d46298eff5aa7fde9dbfbd58
- SHA1
  
  6cfccc2117edec7bdf57737f128eedee1342263c
- SHA256
  
  973b2d638c9ed243f8556d206416ddaa78898cd861f8551a36ae77241cfed53f
- SHA512
  
  27cb2e83d23d2f612476bd3d85ee0cc2cf9ca797f4ba0b25a9fe7863c06d3bba86a4fe77358d73bd2e6396033a5258d77463f0390e7f698834183b4b6067c2f6
- SSDEEP
  
  1536:O19vB9J6V0/BuOK5fDYQ4kffLz4MG1EErXv0W7yZyoFJ/2SR5PT7DeOqeO2brIbG:O19vBE0/BK5fDYQ4kffLz4MG1EErXv09
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32