revengerat | fb5a48d6b7e7a6d7c0eb8693ef3b69b56431529d393afce8b5d3e76308d70449 | Triage

Submit
Reports

Overview

overview

Static

static

5

3a75d69628...1).exe

windows7-x64

3a75d69628...1).exe

windows10-2004-x64

Sharing

General

Target

3a75d6962893903bdfc8558485df3e3166989bb5dd5d524d2c5c796f60221f3d_unsafe (copy 1)
Size

1.9MB
Sample

240915-nt4j5asbjc
MD5

768a26a0fb582b456befa2e2c9f353e9
SHA1

5227ae7c346e4db17165e539a40710a3e3818590
SHA256

fb5a48d6b7e7a6d7c0eb8693ef3b69b56431529d393afce8b5d3e76308d70449
SHA512

66630f2df9d3a1341768c3573e90081412384a4317734afc5fa0d5cf258a6030a4e459f35f8c69dcc55718e9df0f80b734f2ff7dfd53a2d627e047445c51c66a
SSDEEP

24576:wtb20pkaCqT5TBWgNjVY10Vp70smVkVMyO7BlWEWEzKJ9TtLs4l0llFJ+o0zQJ9X:5Vg5tjVY1UUle52lF55c56

Score

10^/10

revengerat discovery stealer trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

3a75d6962893903bdfc8558485df3e3166989bb5dd5d524d2c5c796f60221f3d_unsafe (copy 1).exe

Resource

win7-20240903-en

revengerat discovery stealer trojan

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

3a75d6962893903bdfc8558485df3e3166989bb5dd5d524d2c5c796f60221f3d_unsafe (copy 1).exe

Resource

win10v2004-20240802-en

revengerat discovery stealer trojan

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  3a75d6962893903bdfc8558485df3e3166989bb5dd5d524d2c5c796f60221f3d_unsafe (copy 1)
- Size
  
  1.9MB
- MD5
  
  768a26a0fb582b456befa2e2c9f353e9
- SHA1
  
  5227ae7c346e4db17165e539a40710a3e3818590
- SHA256
  
  fb5a48d6b7e7a6d7c0eb8693ef3b69b56431529d393afce8b5d3e76308d70449
- SHA512
  
  66630f2df9d3a1341768c3573e90081412384a4317734afc5fa0d5cf258a6030a4e459f35f8c69dcc55718e9df0f80b734f2ff7dfd53a2d627e047445c51c66a
- SSDEEP
  
  24576:wtb20pkaCqT5TBWgNjVY10Vp70smVkVMyO7BlWEWEzKJ9TtLs4l0llFJ+o0zQJ9X:5Vg5tjVY1UUle52lF55c56
Score

10^/10

revengerat discovery stealer trojan
- RevengeRAT
  Remote-access trojan with a wide range of capabilities.
  trojan revengerat
- RevengeRat Executable
  stealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- AutoIT Executable
  AutoIT scripts compiled to PE executables.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

revengeratdiscoverystealertrojan

behavioral2

revengeratdiscoverystealertrojan

© 2018-2024

Terms | Privacy