General

  • Target

    73927281a6ec3065c9b457d99ce20190N.exe

  • Size

    952KB

  • Sample

    240915-e57lgswcja

  • MD5

    73927281a6ec3065c9b457d99ce20190

  • SHA1

    007f4ffa8547dcf4e07fb6fefa16336b48a9fbf3

  • SHA256

    5a4a11627dac7e9380fe0901210c1e7971cd9b1dca2473deb31b9a518efede87

  • SHA512

    3bfea469ccde7c65b2225b3cd91c0b6cd97c18889122da0322ec8f3be1e3610799b11d4eb3222fcf83771d7d18c0b8228cd513c7505c53f167105b2faf60986f

  • SSDEEP

    24576:2AHnh+eWsN3skA4RV1HDm2KXMmHaKZT5w:Rh+ZkldDPK8YaKjw

Malware Config

Extracted

Family

revengerat

Botnet

Marzo26

C2

marzorevenger.duckdns.org:4230

Mutex

RV_MUTEX-PiGGjjtnxDpn
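The indicators above (the file hashes under General, and the C2 host, port and mutex under Malware Config) map directly onto a hunt. The following Python is an added example and not part of the sandbox report: it digests a file with the same four algorithms the report lists and checks the result against the report's values, then matches Sysmon-style log lines against the C2 hostname, the C2 port and the mutex. The log lines and the file bytes are constructed for the example, the field names are illustrative, and the assumption that other RevengeRAT builds keep the RV_MUTEX- prefix and vary only the suffix is the example's own.

```python
"""IOC checker built from this report's indicators (added example, not
sandbox output). Log lines, field names and sample bytes are constructed."""
import hashlib
import re

# Indicators copied from the report above.
REPORT_HASHES = {
    "md5": "73927281a6ec3065c9b457d99ce20190",
    "sha1": "007f4ffa8547dcf4e07fb6fefa16336b48a9fbf3",
    "sha256": "5a4a11627dac7e9380fe0901210c1e7971cd9b1dca2473deb31b9a518efede87",
    "sha512": "3bfea469ccde7c65b2225b3cd91c0b6cd97c18889122da0322ec8f3be1e3610799b"
              "11d4eb3222fcf83771d7d18c0b8228cd513c7505c53f167105b2faf60986f",
}
C2_HOST = "marzorevenger.duckdns.org"
C2_PORT = 4230
MUTEX = "RV_MUTEX-PiGGjjtnxDpn"
# Assumption: other builds of the family keep the RV_MUTEX- prefix and
# differ only in the per-build suffix, so a looser pattern catches siblings.
MUTEX_FAMILY_RE = re.compile(r"\bRV_MUTEX-[A-Za-z0-9]+")


def compute_hashes(data: bytes) -> dict:
    """Digest file bytes with every algorithm the report lists."""
    return {name: hashlib.new(name, data).hexdigest() for name in REPORT_HASHES}


def verify_hashes(data: bytes, expected: dict = REPORT_HASHES) -> dict:
    """Per-algorithm comparison against the report's values (case-insensitive)."""
    actual = compute_hashes(data)
    return {name: actual[name] == expected[name].lower() for name in expected}


def is_report_sample(data: bytes, expected: dict = REPORT_HASHES) -> bool:
    """True only if every listed digest matches; one mismatch rules it out."""
    return all(verify_hashes(data, expected).values())


def scan_events(lines) -> list:
    """Return (indicator, line) pairs for log lines carrying a report IOC.

    The C2 is matched on its hostname rather than a resolved address:
    DuckDNS names are dynamic, so the IP can change between executions.
    """
    hits = []
    port_re = re.compile(rf"(?i)DestinationPort={C2_PORT}\b")
    for line in lines:
        if C2_HOST in line.lower():
            hits.append(("c2_host", line))
        if port_re.search(line):
            hits.append(("c2_port", line))
        if MUTEX in line:
            hits.append(("mutex", line))
        elif MUTEX_FAMILY_RE.search(line):
            hits.append(("mutex_family", line))
    return hits


# Constructed Sysmon-style events (EventID 22 = DNS query, 3 = network
# connection) plus two constructed handle-enumeration lines. Not real telemetry.
SAMPLE_EVENTS = [
    "EventID=22 Image=C:\\Users\\victim\\Downloads\\73927281a6ec3065c9b457d99ce20190N.exe "
    "QueryName=marzorevenger.duckdns.org QueryResults=203.0.113.7",
    "EventID=3 Image=C:\\Users\\victim\\Downloads\\73927281a6ec3065c9b457d99ce20190N.exe "
    "DestinationIp=203.0.113.7 DestinationPort=4230 Protocol=tcp",
    "Handle type=Mutant name=\\Sessions\\1\\BaseNamedObjects\\RV_MUTEX-PiGGjjtnxDpn",
    "Handle type=Mutant name=\\Sessions\\1\\BaseNamedObjects\\RV_MUTEX-AbC123xyz",
    "EventID=22 Image=C:\\Program Files\\Mozilla Firefox\\firefox.exe QueryName=www.mozilla.org",
]

# Constructed stand-in for a file on disk; it is not the report's sample.
FAKE_SAMPLE = b"MZ" + b"\x00" * 62 + b"not the real binary"

if __name__ == "__main__":
    print("matches report:", is_report_sample(FAKE_SAMPLE))
    for indicator, line in scan_events(SAMPLE_EVENTS):
        print(indicator, "->", line[:80])
```

The SSDEEP value from the report is left out on purpose: fuzzy-hash comparison needs the ssdeep library, and an exact-digest check is the right first test for "is this the same file". For hunting, the mutex name is the most stable of the three network-independent indicators here, since the DuckDNS host can be re-pointed at will.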

Targets

    • Target

      73927281a6ec3065c9b457d99ce20190N.exe

    • Size

      952KB

    • MD5

      73927281a6ec3065c9b457d99ce20190

    • SHA1

      007f4ffa8547dcf4e07fb6fefa16336b48a9fbf3

    • SHA256

      5a4a11627dac7e9380fe0901210c1e7971cd9b1dca2473deb31b9a518efede87

    • SHA512

      3bfea469ccde7c65b2225b3cd91c0b6cd97c18889122da0322ec8f3be1e3610799b11d4eb3222fcf83771d7d18c0b8228cd513c7505c53f167105b2faf60986f

    • SSDEEP

      24576:2AHnh+eWsN3skA4RV1HDm2KXMmHaKZT5w:Rh+ZkldDPK8YaKjw

    • RevengeRAT

      Remote-access trojan with a wide range of capabilities; the configuration extracted from this sample (botnet ID, C2 endpoint and mutex) is listed under Malware Config above.

    • Drops startup file

      Writes a file to a startup location so the payload runs again after logon.

    • AutoIT Executable

      AutoIT scripts compiled to PE executables; the submitted file is itself a compiled AutoIT binary that carries the RAT payload.

    • Suspicious use of SetThreadContext

      SetThreadContext rewrites a thread's registers to redirect execution, the step that process hollowing and similar injection techniques rely on.

MITRE ATT&CK Enterprise v15