Overview

overview

10

Static

static

10

495bbce267...86.exe

windows7-x64

10

495bbce267...86.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    495bbce2676181487a30859eb8cc5c0ea2f9f913ac35d94e952e7d90d7452086.exe

  • Size

    557KB

  • Sample

    241122-hge34s1rhr

  • MD5

    0015bc6067f0a15829f4eb9c450c0eae

  • SHA1

    3a6f1a6632d6714558b75a0c094b2b0938694674

  • SHA256

    495bbce2676181487a30859eb8cc5c0ea2f9f913ac35d94e952e7d90d7452086

  • SHA512

    e3b0159fb3257aa8ada4ce8880e6ad4854c0df3fc3b037f87d02095336b76b4745a5284f62fa0d0b496b8584b5213f978fe8eb2559e4d03fa79152ee8d09917f

  • SSDEEP

    12288:apkiIqsCqaXTa+dD2m4JZUXy7NlW0EJRzi:apkEsHf+dCm7cNlWDJE

Score
10/10
revengeratdiscoverypersistencestealertrojan

Malware Config

Targets

    • Target

      495bbce2676181487a30859eb8cc5c0ea2f9f913ac35d94e952e7d90d7452086.exe

    • Size

      557KB

    • MD5

      0015bc6067f0a15829f4eb9c450c0eae

    • SHA1

      3a6f1a6632d6714558b75a0c094b2b0938694674

    • SHA256

      495bbce2676181487a30859eb8cc5c0ea2f9f913ac35d94e952e7d90d7452086

    • SHA512

      e3b0159fb3257aa8ada4ce8880e6ad4854c0df3fc3b037f87d02095336b76b4745a5284f62fa0d0b496b8584b5213f978fe8eb2559e4d03fa79152ee8d09917f

    • SSDEEP

      12288:apkiIqsCqaXTa+dD2m4JZUXy7NlW0EJRzi:apkEsHf+dCm7cNlWDJE

    Score
    10/10
    revengeratdiscoverypersistencestealertrojan

    • RevengeRAT

      Remote-access trojan with a wide range of capabilities.

      trojanrevengerat

    • Revengerat family

      revengerat

    • RevengeRat Executable

      stealer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks