revengerat | bdf9c69badd605f9ec724e1e5731c7909ef6b0030cb2ca1a1834c6df50a8b2b4 | Triage

Submit
Reports

Overview

overview

Static

static

5

5b26f6ce1b...0N.exe

windows7-x64

5b26f6ce1b...0N.exe

windows10-2004-x64

Sharing

General

Target

5b26f6ce1b950726760c19bb306bcab0N.exe
Size

952KB
Sample

240814-kxtybaycjr
MD5

5b26f6ce1b950726760c19bb306bcab0
SHA1

087873f743486f0cbd31b59cb7f42478bcf55e63
SHA256

bdf9c69badd605f9ec724e1e5731c7909ef6b0030cb2ca1a1834c6df50a8b2b4
SHA512

2d19a84ad0b20c60b4cb000362f57f5acf7a2a9680a01ec9262a9cbf5f6c17d25a1840b5e14055d24ef25900e9db735b745d9d6579b970370f79d8b3010b90a4
SSDEEP

24576:2AHnh+eWsN3skA4RV1HDm2KXMmHaKZT5k:Rh+ZkldDPK8YaKjk

Score

10^/10

revengerat marzo26 discovery trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

5b26f6ce1b950726760c19bb306bcab0N.exe

Resource

win7-20240708-en

revengerat marzo26 discovery trojan

windows7-x64

9 signatures

120 seconds

Behavioral task

behavioral2

Sample

5b26f6ce1b950726760c19bb306bcab0N.exe

Resource

win10v2004-20240802-en

revengerat marzo26 discovery trojan

windows10-2004-x64

9 signatures

120 seconds

Malware Config

Extracted

Family

revengerat

Botnet

Marzo26

C2

marzorevenger.duckdns.org:4230

Mutex

RV_MUTEX-PiGGjjtnxDpn

Targets

- Target
  
  5b26f6ce1b950726760c19bb306bcab0N.exe
- Size
  
  952KB
- MD5
  
  5b26f6ce1b950726760c19bb306bcab0
- SHA1
  
  087873f743486f0cbd31b59cb7f42478bcf55e63
- SHA256
  
  bdf9c69badd605f9ec724e1e5731c7909ef6b0030cb2ca1a1834c6df50a8b2b4
- SHA512
  
  2d19a84ad0b20c60b4cb000362f57f5acf7a2a9680a01ec9262a9cbf5f6c17d25a1840b5e14055d24ef25900e9db735b745d9d6579b970370f79d8b3010b90a4
- SSDEEP
  
  24576:2AHnh+eWsN3skA4RV1HDm2KXMmHaKZT5k:Rh+ZkldDPK8YaKjk
Score

10^/10

revengerat marzo26 discovery trojan
- RevengeRAT
  Remote-access trojan with a wide range of capabilities.
  trojan revengerat
- Drops startup file
- AutoIT Executable
  AutoIT scripts compiled to PE executables.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

revengeratmarzo26discoverytrojan

behavioral2

revengeratmarzo26discoverytrojan

© 2018-2025

Terms | Privacy