revengerat | 3bd07862bb5fdd9f4a20e4fce53d6d32e98fc2c7f3f6d06e10cd348cc42d5db3 | Triage

Submit
Reports

Overview

overview

Static

static

5

af251b22c3...0N.exe

windows7-x64

af251b22c3...0N.exe

windows10-2004-x64

Sharing

General

Target

af251b22c38e50e022439fa8aab75040N.exe
Size

904KB
Sample

240715-j719pswhrq
MD5

af251b22c38e50e022439fa8aab75040
SHA1

8686c78390c757b8b55cfcc9297fa272c6a73ea5
SHA256

3bd07862bb5fdd9f4a20e4fce53d6d32e98fc2c7f3f6d06e10cd348cc42d5db3
SHA512

c053143e2e973f8ba1e54ebbf06557b2b2c9c926c73d82a88bfcbc711bd980ebfd2fffec80514c0e95b612496c157f6314a2563dfc6384feec53266cf202f1d2
SSDEEP

24576:ZAHnh+eWsN3skA4RV1Hom2KXMmHaKZa5A:gh+ZkldoPK8YaKGA

Score

10^/10

revengerat marzo26 trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

af251b22c38e50e022439fa8aab75040N.exe

Resource

win7-20240704-en

revengerat marzo26 trojan

windows7-x64

7 signatures

120 seconds

Behavioral task

behavioral2

Sample

af251b22c38e50e022439fa8aab75040N.exe

Resource

win10v2004-20240709-en

revengerat marzo26 trojan

windows10-2004-x64

7 signatures

120 seconds

Malware Config

Extracted

Family

revengerat

Botnet

Marzo26

C2

marzorevenger.duckdns.org:4230

Mutex

RV_MUTEX-PiGGjjtnxDpn

Targets

- Target
  
  af251b22c38e50e022439fa8aab75040N.exe
- Size
  
  904KB
- MD5
  
  af251b22c38e50e022439fa8aab75040
- SHA1
  
  8686c78390c757b8b55cfcc9297fa272c6a73ea5
- SHA256
  
  3bd07862bb5fdd9f4a20e4fce53d6d32e98fc2c7f3f6d06e10cd348cc42d5db3
- SHA512
  
  c053143e2e973f8ba1e54ebbf06557b2b2c9c926c73d82a88bfcbc711bd980ebfd2fffec80514c0e95b612496c157f6314a2563dfc6384feec53266cf202f1d2
- SSDEEP
  
  24576:ZAHnh+eWsN3skA4RV1Hom2KXMmHaKZa5A:gh+ZkldoPK8YaKGA
Score

10^/10

revengerat marzo26 trojan
- RevengeRAT
  Remote-access trojan with a wide range of capabilities.
  trojan revengerat
- Drops startup file
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

revengeratmarzo26trojan

behavioral2

revengeratmarzo26trojan

© 2018-2025

Terms | Privacy