revengerat | 05e70027b306e6385b7773aea0804844c8cee1fd2d1bb7b18f1767cbe84e9820 | Triage

Submit
Reports

Overview

overview

Static

static

7

bc535eeee6...0N.exe

windows7-x64

bc535eeee6...0N.exe

windows10-2004-x64

Sharing

General

Target

bc535eeee6464e725b0e7c35f67f15a0N.exe
Size

1.1MB
Sample

240722-q9shxa1ara
MD5

bc535eeee6464e725b0e7c35f67f15a0
SHA1

44c6dad62ea1a25259c43b7f6c964fe5b1186048
SHA256

05e70027b306e6385b7773aea0804844c8cee1fd2d1bb7b18f1767cbe84e9820
SHA512

17c2ae2e85f080700014fa075be225d59500600f5d0a7d492808f8f181a5c633d5c0aac250b044de11eeaea95ef4b52586fa79c96dd23b4ecb58392188c6e335
SSDEEP

24576:Cq5TfcdHj4fmbj2qh0MmV0VMXAJYoupGeMJ2Jordss4l:CUTsamPxsowvordO

Score

10^/10

revengerat stealer trojan upx

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

bc535eeee6464e725b0e7c35f67f15a0N.exe

Resource

win7-20240704-en

revengerat stealer trojan upx

windows7-x64

13 signatures

120 seconds

Behavioral task

behavioral2

Sample

bc535eeee6464e725b0e7c35f67f15a0N.exe

Resource

win10v2004-20240709-en

revengerat stealer trojan upx

windows10-2004-x64

13 signatures

120 seconds

Malware Config

Targets

- Target
  
  bc535eeee6464e725b0e7c35f67f15a0N.exe
- Size
  
  1.1MB
- MD5
  
  bc535eeee6464e725b0e7c35f67f15a0
- SHA1
  
  44c6dad62ea1a25259c43b7f6c964fe5b1186048
- SHA256
  
  05e70027b306e6385b7773aea0804844c8cee1fd2d1bb7b18f1767cbe84e9820
- SHA512
  
  17c2ae2e85f080700014fa075be225d59500600f5d0a7d492808f8f181a5c633d5c0aac250b044de11eeaea95ef4b52586fa79c96dd23b4ecb58392188c6e335
- SSDEEP
  
  24576:Cq5TfcdHj4fmbj2qh0MmV0VMXAJYoupGeMJ2Jordss4l:CUTsamPxsowvordO
Score

10^/10

revengerat stealer trojan upx
- RevengeRAT
  Remote-access trojan with a wide range of capabilities.
  trojan revengerat
- RevengeRat Executable
  stealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- AutoIT Executable
  AutoIT scripts compiled to PE executables.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

revengeratstealertrojanupx

behavioral2

revengeratstealertrojanupx

© 2018-2024

Terms | Privacy