Overview

overview

10

Static

static

5

74fc9992eb...0N.exe

windows7-x64

10

74fc9992eb...0N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    74fc9992eb856c0beaffc3957599dbd0N.exe

  • Size

    904KB

  • Sample

    240719-kep7ea1fqq

  • MD5

    74fc9992eb856c0beaffc3957599dbd0

  • SHA1

    75bcec38ffcf2a03ff04dd5e77c36a95cd1ba953

  • SHA256

    b791142d5cd640f23a3d8a5d2d95cc4fea097712d1054cd68db756cb1545b3bd

  • SHA512

    68803b96f48bbe9b76a0fdccfef587cc7743e1704a5b0ffb6b998f1e1ce9803b80dba46b047351d4abf23196f3c235e2ab662f7941f46acfab649c0ef62dfe99

  • SSDEEP

    24576:ZAHnh+eWsN3skA4RV1Hom2KXMmHaKZa5U:gh+ZkldoPK8YaKGU

Score
10/10
revengeratmarzo26trojan

Malware Config

Extracted

Family

revengerat

Botnet

Marzo26

C2

marzorevenger.duckdns.org:4230

Mutex

RV_MUTEX-PiGGjjtnxDpn

Targets

    • Target

      74fc9992eb856c0beaffc3957599dbd0N.exe

    • Size

      904KB

    • MD5

      74fc9992eb856c0beaffc3957599dbd0

    • SHA1

      75bcec38ffcf2a03ff04dd5e77c36a95cd1ba953

    • SHA256

      b791142d5cd640f23a3d8a5d2d95cc4fea097712d1054cd68db756cb1545b3bd

    • SHA512

      68803b96f48bbe9b76a0fdccfef587cc7743e1704a5b0ffb6b998f1e1ce9803b80dba46b047351d4abf23196f3c235e2ab662f7941f46acfab649c0ef62dfe99

    • SSDEEP

      24576:ZAHnh+eWsN3skA4RV1Hom2KXMmHaKZa5U:gh+ZkldoPK8YaKGU

    Score
    10/10
    revengeratmarzo26trojan

    • RevengeRAT

      Remote-access trojan with a wide range of capabilities.

      trojanrevengerat

    • Drops startup file

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks