revengerat | 28e8981fa025043bea53774db708ea86c1ed12fbd9a6910d2f24dc2916d43f7b | Triage

Submit
Reports

Overview

overview

Static

static

5

2b38bcc3e9...d0.exe

windows7-x64

2b38bcc3e9...d0.exe

windows10-2004-x64

Sharing

General

Target

2b38bcc3e957fb5f147e0b2af08464d0.exe
Size

904KB
Sample

240706-b5c54asbpq
MD5

2b38bcc3e957fb5f147e0b2af08464d0
SHA1

d5bf4853e22140a84581af9e7e0e53172f054dd1
SHA256

28e8981fa025043bea53774db708ea86c1ed12fbd9a6910d2f24dc2916d43f7b
SHA512

89ac116d652170d1073b56c6fce707d612c6c573b03984ad1267ea0853fe0beb3923131a205a956da1005def4e2fec61f7ec8c762ccbe20cbfdd5ca0e5cf6f72
SSDEEP

24576:ZAHnh+eWsN3skA4RV1Hom2KXMmHaKZa5n:gh+ZkldoPK8YaKGn

Score

10^/10

revengerat marzo26 trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

2b38bcc3e957fb5f147e0b2af08464d0.exe

Resource

win7-20240704-en

revengerat marzo26 trojan

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

2b38bcc3e957fb5f147e0b2af08464d0.exe

Resource

win10v2004-20240508-en

revengerat marzo26 trojan

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

revengerat

Botnet

Marzo26

C2

marzorevenger.duckdns.org:4230

Mutex

RV_MUTEX-PiGGjjtnxDpn

Targets

- Target
  
  2b38bcc3e957fb5f147e0b2af08464d0.exe
- Size
  
  904KB
- MD5
  
  2b38bcc3e957fb5f147e0b2af08464d0
- SHA1
  
  d5bf4853e22140a84581af9e7e0e53172f054dd1
- SHA256
  
  28e8981fa025043bea53774db708ea86c1ed12fbd9a6910d2f24dc2916d43f7b
- SHA512
  
  89ac116d652170d1073b56c6fce707d612c6c573b03984ad1267ea0853fe0beb3923131a205a956da1005def4e2fec61f7ec8c762ccbe20cbfdd5ca0e5cf6f72
- SSDEEP
  
  24576:ZAHnh+eWsN3skA4RV1Hom2KXMmHaKZa5n:gh+ZkldoPK8YaKGn
Score

10^/10

revengerat marzo26 trojan
- RevengeRAT
  Remote-access trojan with a wide range of capabilities.
  trojan revengerat
- Drops startup file
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

revengeratmarzo26trojan

behavioral2

revengeratmarzo26trojan

© 2018-2024

Terms | Privacy