revengerat | 1a527cb87d5cdbe942e65986f6b2220bb3c4e1286c46c9d2b8b423524276badb | Triage

Sharing

General

Target

bf98df7515ea85432e237f55eb85991b_JaffaCakes118
Size

272KB
Sample

240824-2wyzbawcpj
MD5

bf98df7515ea85432e237f55eb85991b
SHA1

e18e193ec2f2bac3c7b7bcd9a61ea26f2e56c37f
SHA256

1a527cb87d5cdbe942e65986f6b2220bb3c4e1286c46c9d2b8b423524276badb
SHA512

66d8356d30cce9e4d433cca40a0a9bd1607526d0ea9a050d3183ced12484007e0a7af66e7c4b89efe0a042957e18e7fe3e11597343a170f6396894922797d698
SSDEEP

3072:YGKROS5fkMLalsplF9YxKROS5fkM05Cn0IKbuFEI1ZCM1PqG9pT632FszuZMrBlj:lKRlfdLQsZ8KRlfd6Cn0IMul2NZ

Score

10^/10

revengerat stealer

Malware Config

Targets

- Target
  
  bf98df7515ea85432e237f55eb85991b_JaffaCakes118
- Size
  
  272KB
- MD5
  
  bf98df7515ea85432e237f55eb85991b
- SHA1
  
  e18e193ec2f2bac3c7b7bcd9a61ea26f2e56c37f
- SHA256
  
  1a527cb87d5cdbe942e65986f6b2220bb3c4e1286c46c9d2b8b423524276badb
- SHA512
  
  66d8356d30cce9e4d433cca40a0a9bd1607526d0ea9a050d3183ced12484007e0a7af66e7c4b89efe0a042957e18e7fe3e11597343a170f6396894922797d698
- SSDEEP
  
  3072:YGKROS5fkMLalsplF9YxKROS5fkM05Cn0IKbuFEI1ZCM1PqG9pT632FszuZMrBlj:lKRlfdLQsZ8KRlfd6Cn0IMul2NZ
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

stealerrevengerat

behavioral1

behavioral2