revengerat

General

Target

35fe14ca48ab0b792b3f8934988512e0N
Size

147KB
Sample

240908-llql7aycql
MD5

35fe14ca48ab0b792b3f8934988512e0
SHA1

c2e334fe002ca10f2463b84e8bb47a16589f791a
SHA256

62414879eaa4f41a799b2e08dc86aa8375055c9d731a587f8e3a78c29957dc29
SHA512

b0e96dd123a4c5c9463281684705ce00620a80a9750c09c9adeb743ccf7a7294122628d2bd1fa7cc102bde8835e5281df651c056d28cbd9bc99f07870f28ff7b
SSDEEP

3072:hK6+HZbJ0q0Rh2WghJ7GjdbrG8WLHOffM0nhadbrRNq+9Bi6:h7NOCjd+BLHaM0nhadbfqu

Score

10^/10

Malware Config

Extracted

Family

revengerat

Botnet

Guest

C2

127.0.0.1:4444

127.0.0.1:1337

192.168.1.3:4444

192.168.1.3:1337

192.168.137.1:4444

192.168.137.1:1337

192.168.1.2:4444

192.168.1.2:1337

Mutex

RV_MUTEX

Targets

- Target
  
  35fe14ca48ab0b792b3f8934988512e0N
- Size
  
  147KB
- MD5
  
  35fe14ca48ab0b792b3f8934988512e0
- SHA1
  
  c2e334fe002ca10f2463b84e8bb47a16589f791a
- SHA256
  
  62414879eaa4f41a799b2e08dc86aa8375055c9d731a587f8e3a78c29957dc29
- SHA512
  
  b0e96dd123a4c5c9463281684705ce00620a80a9750c09c9adeb743ccf7a7294122628d2bd1fa7cc102bde8835e5281df651c056d28cbd9bc99f07870f28ff7b
- SSDEEP
  
  3072:hK6+HZbJ0q0Rh2WghJ7GjdbrG8WLHOffM0nhadbrRNq+9Bi6:h7NOCjd+BLHaM0nhadbfqu
Score

10^/10

revengerat guest discovery stealer trojan
- RevengeRAT
  Remote-access trojan with a wide range of capabilities.
  trojan revengerat
- RevengeRat Executable
  stealer
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

RevengeRat Executable

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2