revengerat | ced602ff9094977c33eabbd11a6dcc66656671d5f47596774ecc4792330d2d6a | Triage

Submit
Reports

Overview

overview

Static

static

ededa2f0f9...18.exe

windows7-x64

ededa2f0f9...18.exe

windows10-2004-x64

Sharing

General

Target

ededa2f0f915bc3617f63ac1586b40bb_JaffaCakes118
Size

17KB
Sample

240920-tbmfsavarb
MD5

ededa2f0f915bc3617f63ac1586b40bb
SHA1

463bde5b8c5d22b94e35fb39aad7ddc5f5247eec
SHA256

ced602ff9094977c33eabbd11a6dcc66656671d5f47596774ecc4792330d2d6a
SHA512

afae21c1bda91ab68e6dd72137eb8b1022f73f1b1307152e2cd87d8e44080fdb17abb922df10dd79d08159fdedcfb611d1ee99034bfac92aed7b95d7c03c96cf
SSDEEP

384:aFylyqmx99hQsZVr5ILeNpvnbqsx0CynZ3s2:aFyl5mx9gAB5ILeLOLB

Score

10^/10

revengerat guest stealer trojan

Static task

static1

stealer guest revengerat

3 signatures

Behavioral task

behavioral1

Sample

ededa2f0f915bc3617f63ac1586b40bb_JaffaCakes118.exe

Resource

win7-20240903-en

revengerat guest stealer trojan

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

ededa2f0f915bc3617f63ac1586b40bb_JaffaCakes118.exe

Resource

win10v2004-20240802-en

revengerat stealer trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Extracted

Family

revengerat

Botnet

Guest

C2

193.161.193.99:40024

Mutex

RV_MUTEX

Targets

- Target
  
  ededa2f0f915bc3617f63ac1586b40bb_JaffaCakes118
- Size
  
  17KB
- MD5
  
  ededa2f0f915bc3617f63ac1586b40bb
- SHA1
  
  463bde5b8c5d22b94e35fb39aad7ddc5f5247eec
- SHA256
  
  ced602ff9094977c33eabbd11a6dcc66656671d5f47596774ecc4792330d2d6a
- SHA512
  
  afae21c1bda91ab68e6dd72137eb8b1022f73f1b1307152e2cd87d8e44080fdb17abb922df10dd79d08159fdedcfb611d1ee99034bfac92aed7b95d7c03c96cf
- SSDEEP
  
  384:aFylyqmx99hQsZVr5ILeNpvnbqsx0CynZ3s2:aFyl5mx9gAB5ILeLOLB
Score

10^/10

revengerat guest stealer trojan
- RevengeRAT
  Remote-access trojan with a wide range of capabilities.
  trojan revengerat
- RevengeRat Executable
  stealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

stealerguestrevengerat

behavioral1

revengeratgueststealertrojan

behavioral2

revengeratstealertrojan

© 2018-2025

Terms | Privacy