revengerat | 7b897d3e7ab3c74d79a72101af439a2671edf797d8f4129db9159c99b1a27604 | Triage

Sharing

General

Target

c468249e66c3dbbd32bd1532678346b6_JaffaCakes118
Size

19KB
Sample

240827-f2ea7swfnn
MD5

c468249e66c3dbbd32bd1532678346b6
SHA1

2ff240eba351216b93518220c83189e1759f987c
SHA256

7b897d3e7ab3c74d79a72101af439a2671edf797d8f4129db9159c99b1a27604
SHA512

80893f40ee5a164fdd21d2d8b925ed362fa389a3dad64440a79b1833f55049515df4d3c2d68b95e8162e9f03cc068973adc949e8883c919ea3804347223b154c
SSDEEP

384:wz0qvq955sm6Ve9yUGCTPaPsOWkEyJ/5Fyp:c9iuVe9z9aUOFEQOp

Score

10^/10

revengerat nyancatrevenge execution trojan

Malware Config

Extracted

Family

revengerat

Botnet

NyanCatRevenge

C2

masterlovecocacola.ddns.com.br:5552

Mutex

7cb9d57ac45743

Targets

- Target
  
  c468249e66c3dbbd32bd1532678346b6_JaffaCakes118
- Size
  
  19KB
- MD5
  
  c468249e66c3dbbd32bd1532678346b6
- SHA1
  
  2ff240eba351216b93518220c83189e1759f987c
- SHA256
  
  7b897d3e7ab3c74d79a72101af439a2671edf797d8f4129db9159c99b1a27604
- SHA512
  
  80893f40ee5a164fdd21d2d8b925ed362fa389a3dad64440a79b1833f55049515df4d3c2d68b95e8162e9f03cc068973adc949e8883c919ea3804347223b154c
- SSDEEP
  
  384:wz0qvq955sm6Ve9yUGCTPaPsOWkEyJ/5Fyp:c9iuVe9z9aUOFEQOp
Score

10^/10

revengerat nyancatrevenge execution trojan
- RevengeRAT
  Remote-access trojan with a wide range of capabilities.
  trojan revengerat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

revengeratnyancatrevengeexecutiontrojan

behavioral2

revengeratnyancatrevengeexecutiontrojan