General

  • Target

    17a1df75fcc3285e08b1e3cf7ca53710N

  • Size

    1.4MB

  • Sample

    240914-ttfqysshjm

  • MD5

    17a1df75fcc3285e08b1e3cf7ca53710

  • SHA1

    641fc49ad18ebab095eeefd22780af82a689f3c5

  • SHA256

    2d1ce85db625dfaa05aba669f90d5d00557ac99e48f1be4be3143b0df39e8580

  • SHA512

    6088c45d17898b64c91f870ecacd8b7731c8f7caac682cfabdbc85e0b2e610c53d851bc4245d686a5dff4ec142fabca2815805effb00b583bae73d78cd386fb2

  • SSDEEP

    24576:mq5TfcdHj4fmb82qdEzKJ9Ttr1LnUA8sYtWY1YPI+0zQJ9TtFsVquE9sYtWYwYPF:mUTsamgxn5TYtWY1YPD56YtWYwYPF

Targets

    • RevengeRAT

      Remote-access trojan with a wide range of capabilities.

    • RevengeRat Executable

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.
