General

  • Target

    3a75d6962893903bdfc8558485df3e3166989bb5dd5d524d2c5c796f60221f3d

  • Size

    1.4MB

  • Sample

    240925-r3j4mathpd

  • MD5

    9364607dfe2cbfef763c146ee7e27dfa

  • SHA1

    53a7d87eef714750cc1751182443acfebc41b832

  • SHA256

    3a75d6962893903bdfc8558485df3e3166989bb5dd5d524d2c5c796f60221f3d

  • SHA512

    09a17b7f21bcb29b44db6b9f3c8ac972650b4e428752837a7afe9953a341b05d389fee49586273ef5ec3ed9b9a4f5d3d064b30a82130bf738be1266a1afa1aeb

  • SSDEEP

    24576:eq5TfcdHj4fmbqOY2q570smVkVMyO7BlWEWEzKJ9TtLs2l0llFJ+o0zQJ9TtDi8I:eUTsamVYxkle5YlF55q

Targets

    • RevengeRAT

      Remote-access trojan with a wide range of capabilities.

    • RevengeRat Executable

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
