revengerat | 57cd4c368d9c2d51a7c80b1df3ce9fced7078f99612f5add221d859e07779ee5 | Triage

Sharing

General

Target

57cd4c368d9c2d51a7c80b1df3ce9fced7078f99612f5add221d859e07779ee5
Size

16KB
Sample

240911-1knhrsvaln
MD5

2ed5514eb31a59e47373cf19b7448c73
SHA1

895c96c8b72c143d01cbb3a3fae0ed6ff30fe9ae
SHA256

57cd4c368d9c2d51a7c80b1df3ce9fced7078f99612f5add221d859e07779ee5
SHA512

001d1bce63438f5b90fb3b2df85d1dbcc2743143fd7e42baec48fbe5e34131e1c97cfe25fe879d103e3050378d902bc27c1e32e7c7062778b5c0f5abb575380f
SSDEEP

192:MArl/uA7W/d1UR+WgMbwJFCNieLqaC9oDPlksMR/cLlbb+aR9nsVVImyx5+vtte:9/KQRpNGr9oDPlMNcLlb5sVKmyx5Ct

Score

10^/10

revengerat guest stealer

Malware Config

Extracted

Family

revengerat

Botnet

Guest

C2

127.0.0.1:4444

127.0.0.1:1337

192.168.1.3:4444

192.168.1.3:1337

192.168.137.1:4444

192.168.137.1:1337

192.168.1.2:4444

192.168.1.2:1337

Mutex

RV_MUTEX

Targets

- Target
  
  57cd4c368d9c2d51a7c80b1df3ce9fced7078f99612f5add221d859e07779ee5
- Size
  
  16KB
- MD5
  
  2ed5514eb31a59e47373cf19b7448c73
- SHA1
  
  895c96c8b72c143d01cbb3a3fae0ed6ff30fe9ae
- SHA256
  
  57cd4c368d9c2d51a7c80b1df3ce9fced7078f99612f5add221d859e07779ee5
- SHA512
  
  001d1bce63438f5b90fb3b2df85d1dbcc2743143fd7e42baec48fbe5e34131e1c97cfe25fe879d103e3050378d902bc27c1e32e7c7062778b5c0f5abb575380f
- SSDEEP
  
  192:MArl/uA7W/d1UR+WgMbwJFCNieLqaC9oDPlksMR/cLlbb+aR9nsVVImyx5+vtte:9/KQRpNGr9oDPlMNcLlb5sVKmyx5Ct
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

stealerguestrevengerat

behavioral1

behavioral2