revengerat | bab1ff2b5707a870c9f065a3e41574f7b673adb5496b570b064c509c043fb691 | Triage

Submit
Reports

Overview

overview

Static

static

5

094386f443...0N.exe

windows7-x64

094386f443...0N.exe

windows10-2004-x64

Sharing

General

Target

094386f4430b0357d98ae819b51cbe70N.exe
Size

952KB
Sample

240816-sx6acawcqp
MD5

094386f4430b0357d98ae819b51cbe70
SHA1

82029ed2fc638f66257f35ce305dc3c7851546ac
SHA256

bab1ff2b5707a870c9f065a3e41574f7b673adb5496b570b064c509c043fb691
SHA512

4d356eb6851cd1fec958e4d89478dd7d001e36fb50d29d70e21a38ff3ef5ac3d7bc8c2fed31ef64e94ae405f89b20040ce465394eb9d1b4bb21eacabf7a422b8
SSDEEP

24576:2AHnh+eWsN3skA4RV1HDm2KXMmHaKZT5d:Rh+ZkldDPK8YaKjd

Score

10^/10

revengerat marzo26 discovery trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

094386f4430b0357d98ae819b51cbe70N.exe

Resource

win7-20240704-en

revengerat marzo26 discovery trojan

windows7-x64

9 signatures

120 seconds

Behavioral task

behavioral2

Sample

094386f4430b0357d98ae819b51cbe70N.exe

Resource

win10v2004-20240802-en

revengerat marzo26 discovery trojan

windows10-2004-x64

9 signatures

120 seconds

Malware Config

Extracted

Family

revengerat

Botnet

Marzo26

C2

marzorevenger.duckdns.org:4230

Mutex

RV_MUTEX-PiGGjjtnxDpn

Targets

- Target
  
  094386f4430b0357d98ae819b51cbe70N.exe
- Size
  
  952KB
- MD5
  
  094386f4430b0357d98ae819b51cbe70
- SHA1
  
  82029ed2fc638f66257f35ce305dc3c7851546ac
- SHA256
  
  bab1ff2b5707a870c9f065a3e41574f7b673adb5496b570b064c509c043fb691
- SHA512
  
  4d356eb6851cd1fec958e4d89478dd7d001e36fb50d29d70e21a38ff3ef5ac3d7bc8c2fed31ef64e94ae405f89b20040ce465394eb9d1b4bb21eacabf7a422b8
- SSDEEP
  
  24576:2AHnh+eWsN3skA4RV1HDm2KXMmHaKZT5d:Rh+ZkldDPK8YaKjd
Score

10^/10

revengerat marzo26 discovery trojan
- RevengeRAT
  Remote-access trojan with a wide range of capabilities.
  trojan revengerat
- Drops startup file
- AutoIT Executable
  AutoIT scripts compiled to PE executables.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

revengeratmarzo26discoverytrojan

behavioral2

revengeratmarzo26discoverytrojan

© 2018-2025

Terms | Privacy