revengerat | b017d6d2e028f573035dc3d643f8efeb58127c3a6a58956adf831293773e6215 | Triage

Submit
Reports

Overview

overview

Static

static

fbf0ed84ee...18.exe

windows7-x64

fbf0ed84ee...18.exe

windows10-2004-x64

Sharing

General

Target

fbf0ed84ee97893d596b974791ba20f0_JaffaCakes118
Size

53KB
Sample

240928-kv65vszcla
MD5

fbf0ed84ee97893d596b974791ba20f0
SHA1

c2ba2745ee271689ada245b77e96fcfff7736bee
SHA256

b017d6d2e028f573035dc3d643f8efeb58127c3a6a58956adf831293773e6215
SHA512

f6528476f909109dc55153b41e07869535d6f4c9f367aa0581d51d4b13689eb40bf8d2c8f78d1199ccfb4b808c62d1b17374ca5848f52c6d074208ef77ab5842
SSDEEP

768:PnTvaLwFiPs4cQbCXSh9RgjkEprmk358B+LqESKs8udqd9zYcCeO:vTvbiERQbqqdqCoR2KJud8HO

Score

10^/10

revengerat stealer trojan

Static task

static1

stealer revengerat

3 signatures

Behavioral task

behavioral1

Sample

fbf0ed84ee97893d596b974791ba20f0_JaffaCakes118.exe

Resource

win7-20240903-en

revengerat stealer trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

fbf0ed84ee97893d596b974791ba20f0_JaffaCakes118.exe

Resource

win10v2004-20240802-en

revengerat stealer trojan

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  fbf0ed84ee97893d596b974791ba20f0_JaffaCakes118
- Size
  
  53KB
- MD5
  
  fbf0ed84ee97893d596b974791ba20f0
- SHA1
  
  c2ba2745ee271689ada245b77e96fcfff7736bee
- SHA256
  
  b017d6d2e028f573035dc3d643f8efeb58127c3a6a58956adf831293773e6215
- SHA512
  
  f6528476f909109dc55153b41e07869535d6f4c9f367aa0581d51d4b13689eb40bf8d2c8f78d1199ccfb4b808c62d1b17374ca5848f52c6d074208ef77ab5842
- SSDEEP
  
  768:PnTvaLwFiPs4cQbCXSh9RgjkEprmk358B+LqESKs8udqd9zYcCeO:vTvbiERQbqqdqCoR2KJud8HO
Score

10^/10

revengerat stealer trojan
- RevengeRAT
  Remote-access trojan with a wide range of capabilities.
  trojan revengerat
- RevengeRat Executable
  stealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

stealerrevengerat

behavioral1

revengeratstealertrojan

behavioral2

revengeratstealertrojan

© 2018-2025

Terms | Privacy