General

  • Target

    Lee Text Tools.exe

  • Size

    935KB

  • Sample

    241121-be1tgaxhnq

  • MD5

    45c16f2c3c9f43bfaf3f4bbed777773a

  • SHA1

    9b4e4b6a6a79a3a668f63803d2a4d03a81589ad1

  • SHA256

    7f74247962c61d595001a2d02788e55290265ed177bc696802f6f4eca51e5796

  • SHA512

    7d7ae482968d38c98f947b87520817a6165148a3e66cf89352a96a4ed5d6d6ac6e8cfa843c819d711ef066df20195bfb93b571738519bc6751826fd7b9398538

  • SSDEEP

    24576:GkHfaEEJ40aLb49n5/hLEjaEEJ40aLb49n5/hgCFzwgy:GkHfaEEJ465/REjaEEJ465/9Zw1

Malware Config

Extracted

  • Family

    revengerat

  • Botnet

    NyanCatRevenge

  • C2

    amazon.capeturk.com:100

  • Mutex

    eea5a83186824927836

Targets

    • Target

      Lee Text Tools.exe

    • Size

      935KB

    • MD5

      45c16f2c3c9f43bfaf3f4bbed777773a

    • SHA1

      9b4e4b6a6a79a3a668f63803d2a4d03a81589ad1

    • SHA256

      7f74247962c61d595001a2d02788e55290265ed177bc696802f6f4eca51e5796

    • SHA512

      7d7ae482968d38c98f947b87520817a6165148a3e66cf89352a96a4ed5d6d6ac6e8cfa843c819d711ef066df20195bfb93b571738519bc6751826fd7b9398538

    • SSDEEP

      24576:GkHfaEEJ40aLb49n5/hLEjaEEJ40aLb49n5/hgCFzwgy:GkHfaEEJ465/REjaEEJ465/9Zw1

    • RevengeRAT

      Remote-access trojan with a wide range of capabilities.

    • Revengerat family

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely a geofence check (the RAT deciding whether to run based on the victim's configured location).

    • Executes dropped EXE

      Runs an executable that it first wrote to disk.

    • Adds Run key to start application

      Persistence: registers itself under a Run registry key so it is started again at logon.
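Turning the extracted config and the signatures above into a hunt: the following is an added example, not part of the sandbox report, that matches the C2 host and port, the mutex, the sample hashes, and the Run-key and location-lookup behaviours against constructed JSON-lines telemetry. The event schema, the log lines, and the exact registry paths (the Run key under CurrentVersion\Run and the Geo key under Control Panel\International) are assumptions; the report names the behaviours, not the paths. Port 100 on its own and a location lookup on its own are treated as weak signals that only count for correlation.

```python
"""Hunt for the indicators from the report across constructed sample telemetry.

Added example: this is not the sandbox's code or output. The event schema,
registry paths and log lines below are assumptions made for illustration.
"""
import json
import re

# Indicators copied from the report above.
C2_HOST = "amazon.capeturk.com"
C2_PORT = 100
MUTEX = "eea5a83186824927836"
SHA256 = "7f74247962c61d595001a2d02788e55290265ed177bc696802f6f4eca51e5796"
MD5 = "45c16f2c3c9f43bfaf3f4bbed777773a"

# Signature-derived patterns. The hive and value names are assumptions: the report
# only says "Adds Run key" and "looks up country code configured in the registry".
RUN_KEY_RE = re.compile(r"\\Software\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?\\", re.I)
GEO_KEY_RE = re.compile(r"\\Control Panel\\International\\Geo\\", re.I)

# Indicators that are too common to alert on alone; they only add weight to a host
# that already has a strong hit.
WEAK = {"c2_port_only", "geo_lookup"}

# Constructed sample events, one JSON object per line. Not real telemetry.
SAMPLE_LOG = r"""
{"id": 1, "type": "dns", "host": "ws01", "query": "amazon.capeturk.com."}
{"id": 2, "type": "dns", "host": "ws01", "query": "amazon.com."}
{"id": 3, "type": "netconn", "host": "ws01", "dst_host": "amazon.capeturk.com", "dst_port": 100}
{"id": 4, "type": "netconn", "host": "ws02", "dst_host": "10.0.0.5", "dst_port": 100}
{"id": 5, "type": "mutex", "host": "ws01", "name": "eea5a83186824927836"}
{"id": 6, "type": "reg_set", "host": "ws01", "path": "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\Lee Text Tools", "data": "C:\\Users\\u\\AppData\\Roaming\\Lee Text Tools.exe"}
{"id": 7, "type": "reg_query", "host": "ws01", "path": "HKCU\\Control Panel\\International\\Geo\\Nation"}
{"id": 8, "type": "proc_start", "host": "ws03", "image": "C:\\Temp\\x.exe", "sha256": "7f74247962c61d595001a2d02788e55290265ed177bc696802f6f4eca51e5796"}
{"id": 9, "type": "proc_start", "host": "ws03", "image": "C:\\Windows\\notepad.exe", "sha256": "0000"}
"""


def classify(ev: dict) -> list[str]:
    """Return the indicator names a single event matches (empty list if none)."""
    hits: list[str] = []
    kind = ev.get("type")
    if kind == "dns":
        # Strip the trailing dot of a fully qualified query and match the host or any subdomain.
        q = ev.get("query", "").rstrip(".").lower()
        if q == C2_HOST or q.endswith("." + C2_HOST):
            hits.append("c2_dns_query")
    elif kind == "netconn":
        if ev.get("dst_host", "").lower() == C2_HOST:
            hits.append("c2_connection")
        elif ev.get("dst_port") == C2_PORT:
            hits.append("c2_port_only")  # weak: port 100 alone is not proof of RevengeRAT
    elif kind == "mutex":
        if ev.get("name") == MUTEX:
            hits.append("revengerat_mutex")
    elif kind == "reg_set":
        if RUN_KEY_RE.search(ev.get("path", "")):
            hits.append("run_key_persistence")
    elif kind == "reg_query":
        if GEO_KEY_RE.search(ev.get("path", "")):
            hits.append("geo_lookup")  # weak: many benign programs read the location
    elif kind == "proc_start":
        if ev.get("sha256", "").lower() == SHA256 or ev.get("md5", "").lower() == MD5:
            hits.append("known_sample_hash")
    return hits


def scan(log_text: str) -> list[tuple[dict, list[str]]]:
    """Parse JSON-lines telemetry and return (event, hits) for every event with a hit."""
    out = []
    for line in log_text.splitlines():
        line = line.strip()
        if not line:
            continue
        ev = json.loads(line)
        hits = classify(ev)
        if hits:
            out.append((ev, hits))
    return out


def hunt(log_text: str) -> dict[int, list[str]]:
    """Map event id -> matched indicators, for the analyst to review line by line."""
    return {ev["id"]: hits for ev, hits in scan(log_text)}


def hosts_to_triage(log_text: str, min_strong: int = 2) -> list[str]:
    """Hosts with at least `min_strong` distinct strong indicators, sorted by name."""
    per_host: dict[str, set[str]] = {}
    for ev, hits in scan(log_text):
        strong = {h for h in hits if h not in WEAK}
        per_host.setdefault(ev["host"], set()).update(strong)
    return sorted(h for h, s in per_host.items() if len(s) >= min_strong)


if __name__ == "__main__":
    for event_id, hits in hunt(SAMPLE_LOG).items():
        print(event_id, hits)
    print("triage:", hosts_to_triage(SAMPLE_LOG))
```

In the constructed log, ws01 shows the DNS query, the connection, the mutex and the Run key, so it is the only host that clears the two-strong-indicator bar; ws02 only has a port-100 connection and ws03 only a hash match, which an analyst would look at but not page on.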

MITRE ATT&CK Enterprise v15

Tasks