revengerat | 21185c3feac1ceee991951fbb24dc1deee4b43b33aa9bb67b62832d3392d003a | Triage

Submit
Reports

Overview

overview

Static

static

b63d54e070...18.exe

windows7-x64

b63d54e070...18.exe

windows10-2004-x64

Sharing

General

Target

b63d54e07006ebe38eea37235d32e808_JaffaCakes118
Size

468KB
Sample

240822-efj4ws1arq
MD5

b63d54e07006ebe38eea37235d32e808
SHA1

33843a516cbb96f43e9474d7163814abdf2b358e
SHA256

21185c3feac1ceee991951fbb24dc1deee4b43b33aa9bb67b62832d3392d003a
SHA512

cf2146727afa578423e35b0c47902233055c6b1e817cf5e2562191d96e1be555111e12149662ba7c78205c1b71b6fa734c378bb870b2c8db945ac2d4d8642e9c
SSDEEP

6144:lKRlfdLQsZ8KRlfddo/arUr4WqivIgAvlc0KZ+YFPi+Y5AYuHGFf4YDybho5F0UF:M1L41UGRGF4YDy5k5+y

Score

10^/10

revengerat stealer

Static task

static1

stealer revengerat

3 signatures

Behavioral task

behavioral1

Sample

b63d54e07006ebe38eea37235d32e808_JaffaCakes118.exe

Resource

win7-20240704-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

b63d54e07006ebe38eea37235d32e808_JaffaCakes118.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Credentials

Protocol: smtp
Host:
smtp.gmail.com
Port:
587
Username:
[email protected]
Password:
13411341

Targets

- Target
  
  b63d54e07006ebe38eea37235d32e808_JaffaCakes118
- Size
  
  468KB
- MD5
  
  b63d54e07006ebe38eea37235d32e808
- SHA1
  
  33843a516cbb96f43e9474d7163814abdf2b358e
- SHA256
  
  21185c3feac1ceee991951fbb24dc1deee4b43b33aa9bb67b62832d3392d003a
- SHA512
  
  cf2146727afa578423e35b0c47902233055c6b1e817cf5e2562191d96e1be555111e12149662ba7c78205c1b71b6fa734c378bb870b2c8db945ac2d4d8642e9c
- SSDEEP
  
  6144:lKRlfdLQsZ8KRlfddo/arUr4WqivIgAvlc0KZ+YFPi+Y5AYuHGFf4YDybho5F0UF:M1L41UGRGF4YDy5k5+y
Score

10^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

stealerrevengerat

behavioral1

behavioral2

© 2018-2025

Terms | Privacy