revengerat | 3a6e2de5b3de6e67229b11f6d74a4f9af70ccec85c2573a905df5a1f84a35446 | Triage

Submit
Reports

Overview

overview

Static

static

5

3a6e2de5b3...46.exe

windows7-x64

3a6e2de5b3...46.exe

windows10-2004-x64

out.exe

windows7-x64

out.exe

windows10-2004-x64

Sharing

General

Target

3a6e2de5b3de6e67229b11f6d74a4f9af70ccec85c2573a905df5a1f84a35446
Size

1.4MB
Sample

241002-dm16baxgnc
MD5

5673c04d81969a6603184069b6846213
SHA1

49fdd9c69f1c281d94486029dfaa5108dfc168bf
SHA256

3a6e2de5b3de6e67229b11f6d74a4f9af70ccec85c2573a905df5a1f84a35446
SHA512

c381630f7c9c72ca538679bef37b9e966ec2f906bd5eb36a42069e3742ddd57bd958d867ede257edc3244e40fa3a6c65c10cddd07dddfd89cc2085eef13291cb
SSDEEP

24576:rq5TfcdHj4fmb9Ve9u2qTPIMeYyBMLlQjzCEzKJ9TtLzCwn1jAh0zQJ9TtDRli:rUTsamC9uxKjY5x1jAF5i

Score

10^/10

revengerat discovery stealer trojan upx

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

3a6e2de5b3de6e67229b11f6d74a4f9af70ccec85c2573a905df5a1f84a35446.exe

Resource

win7-20240903-en

revengerat discovery stealer trojan upx

windows7-x64

15 signatures

150 seconds

Behavioral task

behavioral2

Sample

3a6e2de5b3de6e67229b11f6d74a4f9af70ccec85c2573a905df5a1f84a35446.exe

Resource

win10v2004-20240802-en

revengerat discovery stealer trojan upx

windows10-2004-x64

15 signatures

150 seconds

Behavioral task

behavioral3

Sample

out.exe

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

out.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Malware Config

Targets

- Target
  
  3a6e2de5b3de6e67229b11f6d74a4f9af70ccec85c2573a905df5a1f84a35446
- Size
  
  1.4MB
- MD5
  
  5673c04d81969a6603184069b6846213
- SHA1
  
  49fdd9c69f1c281d94486029dfaa5108dfc168bf
- SHA256
  
  3a6e2de5b3de6e67229b11f6d74a4f9af70ccec85c2573a905df5a1f84a35446
- SHA512
  
  c381630f7c9c72ca538679bef37b9e966ec2f906bd5eb36a42069e3742ddd57bd958d867ede257edc3244e40fa3a6c65c10cddd07dddfd89cc2085eef13291cb
- SSDEEP
  
  24576:rq5TfcdHj4fmb9Ve9u2qTPIMeYyBMLlQjzCEzKJ9TtLzCwn1jAh0zQJ9TtDRli:rUTsamC9uxKjY5x1jAF5i
Score

10^/10

revengerat discovery stealer trojan upx
- RevengeRAT
  Remote-access trojan with a wide range of capabilities.
  trojan revengerat
- RevengeRat Executable
  stealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- AutoIT Executable
  AutoIT scripts compiled to PE executables.
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2
- Target
  
  out.upx
- Size
  
  1.9MB
- MD5
  
  fe0927506a0d3fb086218019f289c2c4
- SHA1
  
  ff6b549252ca81b6a7652ad4b38e519be3ea2185
- SHA256
  
  8d3d997942e0e03311199cd6a47bf9f549841bb09eca20c074994bc3c707ff53
- SHA512
  
  eb203094ff64e3b3a50c985741c4da2c80f8fe37976fdf900dab3b6542e9574f09c6c5ca3488e7b92c2667a81a4ef8d8bbf418d43ac0b664002272ca4bfc5267
- SSDEEP
  
  24576:8tb20pkaCqT5TBWgN5Q2qTPIMeYyBMLlQjzCEzKJ9TtLzCwn1jAh0zQJ9TtDRl:lVg5t5QxKjY5x1jAF5
Score

1^/10
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

revengeratdiscoverystealertrojanupx

behavioral2

revengeratdiscoverystealertrojanupx

behavioral3

behavioral4

© 2018-2024

Terms | Privacy