revengerat | c6204984759803b0498b654dc19e74e5d8791f398d98e3db290da1c89c832004 | Triage

Sharing

General

Target

857395c22c5bd4b707376b4cfc7c6308_JaffaCakes118
Size

16KB
Sample

240810-kk236axapd
MD5

857395c22c5bd4b707376b4cfc7c6308
SHA1

263349185213ccf520dbcd246f02fcc2d515bd6b
SHA256

c6204984759803b0498b654dc19e74e5d8791f398d98e3db290da1c89c832004
SHA512

1c63b6ab3b62bf8fc980d0f033fdf41a6fcac11334193cc100f70a79c196bf7135dc8ad0de9b94339c63a9beb65e9c8c05296ef420bd06ae2c48979f9e07f89e
SSDEEP

384:7t9+Xi9NVzGS7P9oDPlMNcLlb5sVKwyK5Ct:7t9+Xi9NkwclMNEyo

Score

10^/10

revengerat guest stealer

Malware Config

Extracted

Family

revengerat

Botnet

Guest

C2

0077.duckdns.org:44144

Mutex

RV_MUTEX

Targets

- Target
  
  857395c22c5bd4b707376b4cfc7c6308_JaffaCakes118
- Size
  
  16KB
- MD5
  
  857395c22c5bd4b707376b4cfc7c6308
- SHA1
  
  263349185213ccf520dbcd246f02fcc2d515bd6b
- SHA256
  
  c6204984759803b0498b654dc19e74e5d8791f398d98e3db290da1c89c832004
- SHA512
  
  1c63b6ab3b62bf8fc980d0f033fdf41a6fcac11334193cc100f70a79c196bf7135dc8ad0de9b94339c63a9beb65e9c8c05296ef420bd06ae2c48979f9e07f89e
- SSDEEP
  
  384:7t9+Xi9NVzGS7P9oDPlMNcLlb5sVKwyK5Ct:7t9+Xi9NkwclMNEyo
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

stealerguestrevengerat

behavioral1

behavioral2