revengerat | 8bfcd79d81d878a298d717aa629b6fd0eeefe9d260b336637b3d1c9022997cd6

Sharing

Copy URL

Twitter E-mail

General

Target

54845be2ce8c8f6dd4ffe0b5a08ad03d_JaffaCakes118
Size

3.0MB
Sample

240717-yjlaxawcjq
MD5

54845be2ce8c8f6dd4ffe0b5a08ad03d
SHA1

9234c7ca550dbec743fc07dd64df1bf737e8291b
SHA256

8bfcd79d81d878a298d717aa629b6fd0eeefe9d260b336637b3d1c9022997cd6
SHA512

d399e55ac1e87fdfa442dbf40d26236cc6a27e858f0286d6df1263921b60613a5fb1f10b84cca60c0762a818ed1ef0570da63f7c35c4baab576a7476c3f52aff
SSDEEP

49152:llD8jwLWqrEqiqhjo9WhGf6nBrjVHiRAtmBqzAFRGW8u/jCMXn1FTr3aAn:lB71rEojo9Df6pAkYiAYMX1Nn

Score

10^/10

revengerat stealer

Malware Config

Targets

- Target
  
  54845be2ce8c8f6dd4ffe0b5a08ad03d_JaffaCakes118
- Size
  
  3.0MB
- MD5
  
  54845be2ce8c8f6dd4ffe0b5a08ad03d
- SHA1
  
  9234c7ca550dbec743fc07dd64df1bf737e8291b
- SHA256
  
  8bfcd79d81d878a298d717aa629b6fd0eeefe9d260b336637b3d1c9022997cd6
- SHA512
  
  d399e55ac1e87fdfa442dbf40d26236cc6a27e858f0286d6df1263921b60613a5fb1f10b84cca60c0762a818ed1ef0570da63f7c35c4baab576a7476c3f52aff
- SSDEEP
  
  49152:llD8jwLWqrEqiqhjo9WhGf6nBrjVHiRAtmBqzAFRGW8u/jCMXn1FTr3aAn:lB71rEojo9Df6pAkYiAYMX1Nn
Score

7^/10
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  325b008aec81e5aaa57096f05d4212b5
- SHA1
  
  27a2d89747a20305b6518438eff5b9f57f7df5c3
- SHA256
  
  c9cd5c9609e70005926ae5171726a4142ffbcccc771d307efcd195dafc1e6b4b
- SHA512
  
  18362b3aee529a27e85cc087627ecf6e2d21196d725f499c4a185cb3a380999f43ff1833a8ebec3f5ba1d3a113ef83185770e663854121f2d8b885790115afdf
- SSDEEP
  
  192:86d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+2jwK72dwF7dBEnbok:86UdHXcIiY535zBt2jw+BEnbo
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/NSISdl.dll
- Size
  
  14KB
- MD5
  
  a5f8399a743ab7f9c88c645c35b1ebb5
- SHA1
  
  168f3c158913b0367bf79fa413357fbe97018191
- SHA256
  
  dacc88a12d3ba438fdae3535dc7a5a1d389bce13adc993706424874a782e51c9
- SHA512
  
  824e567f5211bf09c7912537c7836d761b0934207612808e9a191f980375c6a97383dbc6b4a7121c6b5f508cbfd7542a781d6b6b196ca24841f73892eec5e977
- SSDEEP
  
  192:tUZTobBDJ68r67wmsvJI5ad9cXzFOVu+mZ/P3p+57CvpVqDxVp01Dwn2GRPgsfA:6Bo/680dCI5adOjFOg9//p27uNw2Go
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/Processes.dll
- Size
  
  56KB
- MD5
  
  cc0bd4f5a79107633084471dbd4af796
- SHA1
  
  09dfcf182b1493161dec8044a5234c35ee24c43a
- SHA256
  
  3b5388e13dab53d53e08791f492ed7d3094a0cee51e9841af83ce02534e0621c
- SHA512
  
  67ba90ec04366e07d0922ffb4dbbb4f12f90b6785b87700adaae29327db9ec2a03d750b229f858db0594f439499d6346fbf1ebc17c77162bf8da027515219ee3
- SSDEEP
  
  768:WmswCIbuzwEmd7Fp4KpDAKngV9tV3rJy63JgaVwoz7si4uYqUYWu1gYwmj552RFB:WmswCIbuzwEy7n3YD3Jgw7shKrp55io
Score

3^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  c17103ae9072a06da581dec998343fc1
- SHA1
  
  b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d
- SHA256
  
  dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f
- SHA512
  
  d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f
- SSDEEP
  
  192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score

3^/10
behavioral10 behavioral9
- Target
  
  DMCustomControls.dll
- Size
  
  76KB
- MD5
  
  ed612d035273d587dfeee6a3c3a8d441
- SHA1
  
  3f00e409386e460a3ae07d0e233bcdd9cd5bd5ff
- SHA256
  
  8a28004fd94070df0ecf5d76af4a58c5eac7f3e25f02c7967d512d32a856379e
- SHA512
  
  1b410f230b2b2aba879b57816e9f8d1bdc958f8abad0106a710fca9102638d6de6cffcaf6636ee9f2f4c04fcf7415dcbedcbd62a8d619ef3b9f10aff5de3b7d9
- SSDEEP
  
  1536:qSXKwgV2WaY+4j6CYPGYV4SZZ6Msu9fqeKs3qD5ed:qSXKwO2WDj6C9YV3uKfqI
Score

1^/10
behavioral11 behavioral12
- Target
  
  DMSharedClasses.dll
- Size
  
  56KB
- MD5
  
  f74a796c8394960eed984966b80193af
- SHA1
  
  80876e324cf4efc15bf1bcd2676a171fd37fefb1
- SHA256
  
  7e67e2e79d3e8b7abfbc14996bfac3381d28eb4ab96112b76a5f25f997daa138
- SHA512
  
  b91617edae98f76b77a0364bb29f2d0647ef3a0e0ebb39195665f401fdd2355d26cd1ef6f32f4c8661940426ca05fd2656838a6c348651c723855983bbb3a638
- SSDEEP
  
  1536:fm9fs+I6dH5DTNA2FFQRus7Zpe+P4uRm:filI6dH5DW2pslJm
Score

1^/10
behavioral13 behavioral14
- Target
  
  DMStartupWizard.XmlSerializers.dll
- Size
  
  44KB
- MD5
  
  1948aec2b561cb9024c2ddd49c8f296c
- SHA1
  
  3f9cc12bb5984f00a087b0a5ee16fe3f163c3438
- SHA256
  
  9913f28687c4bed68788995d4f029528edbdbfe1c1c1fa466840652bafaa8975
- SHA512
  
  d07d2bc0c5540f7ebcdf0816e9ad255a03ac9d5963816e43505e21133cf20a695fc27ecf4fe7126ac3466c774604d58ac3a4317b1fd2ed9e18a8d5d6aac1b00a
- SSDEEP
  
  768:EE9kv9kj9EwOZ/Wy7bjjjjjjjjjjjjjjjaofrDQGS27fCXgYPe47G1EECRh8wjHx:E/wGjjjjjjjjjjjjjjjauYPe47G1EEC9
Score

1^/10
behavioral15 behavioral16
- Target
  
  DMStartupWizard.dll
- Size
  
  361KB
- MD5
  
  958470a2ff78b805ce4723a4f1a1914d
- SHA1
  
  a45a61aff412899dafacd61127d1822bc040f5b7
- SHA256
  
  cf8bfc2ec85f9dd1d309e052ef23e167e20c54239def044d47f6cd36dc974bae
- SHA512
  
  b9a5c312b4b8bb8bc623ec00d438f90f3b4d07cb0284105bd82cdbfbc7726aef8e4059327e92b7951590830b40e7f95bf623558dc1466f3f689e8f96d020dd4e
- SSDEEP
  
  3072:MvBhvBjvBzbDynVr0820q+8G9US77nL7H7V0/LekGpwF92vBwZX6JPD+PjVM5KQj:aPtzb2RrDjUwjnZie5GswZq
Score

1^/10
behavioral17 behavioral18
- Target
  
  DMUpdater.exe
- Size
  
  81KB
- MD5
  
  31cf59ea754417c2b0c9288842fdac16
- SHA1
  
  02adbe97c275ae930c0a052c49c8dd01cc927b0f
- SHA256
  
  3e013fbb8ca9be11f46d7cf93a9a507a934a79c8b8f8ac4d522c6716a9f55796
- SHA512
  
  8e7608fd7eacabfe9d0973f5c7bc5f984317530464e541b063aec82fe3a028a3e51b6821616cc04125ff8129978dd475af65b653fcb1fb17983cb42ff87aaf0d
- SSDEEP
  
  768:1JVDjSa2cr7NkwVqKira6hrPm6Q3rjSa2cr7NkwVqKira6:1vGa2ceXpztu6Q3rGa2ceXpz
Score

1^/10
behavioral19 behavioral20
- Target
  
  DataMaster Launcher.exe
- Size
  
  81KB
- MD5
  
  43c18458c9fd1e435b7aa3ec0ff3ab1b
- SHA1
  
  70aa85d24ab518dca04c65f67ad2f7aa960e42cf
- SHA256
  
  dd4a8d76fa91d462cb6d809a865ca467e939fb30edf96b1877cac1b67d56ea33
- SHA512
  
  337194edd3ce11f03c70f1d009a8ac38339e2d2c0791eee11bccda2c81ee4904b827951ba26c36233619b98f7a4bf39d00bfddd00efd0ae5596a6b9cb1f11748
- SSDEEP
  
  768:pJjSa2cr7NkwVqKira6FJ3ESeJjSa2cr7NkwVqKira6:PGa2ceXpz8SeJGa2ceXpz
Score

1^/10
behavioral21 behavioral22
- Target
  
  DataMaster MLSSAZ.XmlSerializers.dll
- Size
  
  24KB
- MD5
  
  2cff62d933aae905a7d641fceca6232b
- SHA1
  
  6ef187b5dbf1480007c984e272554345f2412ff5
- SHA256
  
  c232cedd780d7b3d371b268a51563aeac4a06811446cc5726ca15e268e6c9b4a
- SHA512
  
  5439b0499cac84705a2c8d54d52200e085cc5653cd02e22e435829a279ec5055698e46dc7c4a21f87f7df7e8f3f4b3545eb208a698764b64b92e20b43535e39a
- SSDEEP
  
  384:OZuSkyBYTUKiGNDSkn9JnWW9FbH1sdMgw:OATyJUNmm9JnWW9FbH1sdBw
Score

1^/10
behavioral23 behavioral24
- Target
  
  DataMaster MLSSAZ.exe
- Size
  
  2.9MB
- MD5
  
  a8440fc499f39675df37249126fdcfe7
- SHA1
  
  1ac68581040d0fc500ad2b37c3b4de1b0e7b7db7
- SHA256
  
  41353d49923db7f4abdb5808a7744aa6f9bd18d7b6cda6efde2232e549b7e365
- SHA512
  
  8140a4bf6b7b0b0bc9b581299fc93a38417887726959acaf3635b9bd3381159f3124625f7fe8989e9a2ae45c9407b230a4add8bff50e088eb66624103b0762ef
- SSDEEP
  
  24576:Dvc6ISk1BmmztJmhWaDjwsQOrngw4cVM:DvF4mhzXwzSngeVM
Score

1^/10
behavioral25 behavioral26
- Target
  
  DataMasterAssociater.exe
- Size
  
  89KB
- MD5
  
  ce4a5d1906a1a467d4669f24642fda43
- SHA1
  
  672dcf99d29ec1abd5998791fa191c09aab4fd62
- SHA256
  
  2a0b7e48557e27bd0b0cfdc2ea4e7ce37a3e216a7acb46d4f2e05747e63e0a28
- SHA512
  
  acf9acd274c89fbd5465a70052bc03cd0709a57b137f3ec066437f2eede2c6b2e3c9ff3e006201912e9d7bac58e1d1f2887ae92754678b3af079c2b8347580c4
- SSDEEP
  
  768:Tflfmv1jSa2cr7NkwVqKira6Gqvg3ToDxXWLAbCwT+E/jSa2cr7NkwVqKira6:Ta1Ga2ceXpzGqlDVCA1v/Ga2ceXpz
Score

1^/10
behavioral27 behavioral28
- Target
  
  DataMasterDDE.exe
- Size
  
  46KB
- MD5
  
  bec7f54d560ad9d8dc36b7ef85d538b1
- SHA1
  
  c509a616f1ee47d5c313390d0569f06bf898f119
- SHA256
  
  e2b58e14d3e44d6ed8eb82667f1d33064bf58c65873e808abc4a1555a109b11a
- SHA512
  
  2759d396b4e53a583f4d73c6c09b4992a777ced59d38da08c421bd9a506fccf356dabbccbafe099466e00f8f5e88878c13bbab49e791b89d8137499793c958b7
- SSDEEP
  
  384:SGh4oUj2kpIZtM4w9u46m2zq2k53KvRvGuRgP2crsW9NW7QhVqKmdDfokgKbuikw:SFoCpIGuw2i3jSa2cr7NkwVqKira6
Score

1^/10
behavioral29 behavioral30
- Target
  
  DataMasterPlus.XmlSerializers.dll
- Size
  
  88KB
- MD5
  
  d18036fabddcdc8e081ea32a2d5b5b7e
- SHA1
  
  60f0ee91ce42705b0eb4f6a7c796c9936cc6e75f
- SHA256
  
  e2a38083d2ca1ace503b1a1e308fac073186786f1aae258590b83797f8808191
- SHA512
  
  2e9f684a304fe06470f65a7d556b91dbf99193786865436d6dee073188e415edea1c2f9bc6cb019d26d480c7b1867c5cebfd8ef6aab052d7473104df0a705d0f
- SSDEEP
  
  1536:S19vB9J6V0/BuOK5fDYQ4kffLz4MG1EErXv0W7yZyoFJ/2SR5PT7DeOqeO2brIb/:S19vBE0/BK5fDYQ4kffLz4MG1EErXv0Q
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32