Overview

overview

10

Static

static

1

COMBO EDITOR PRO.zip

windows7-x64

10

COMBO EDITOR PRO.zip

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    COMBO EDITOR PRO.zip

  • Size

    1.7MB

  • Sample

    241222-ya3htsxlam

  • MD5

    b539b73076fdf7f3cb1a66a67b20c8d3

  • SHA1

    946dea11d5cfb3bd5e518ffcf468fa8cd7c16192

  • SHA256

    42d160d7a91ab48d7ff8062aaaf678063a2866663943aa55c1e8b6a86518c771

  • SHA512

    db067d20e97bfc1d7fe6ad656f11b5427b359b388716556df0520ee6eab878fd199711983d46352a93fe721322be357b1acc58d2d24d9b018ba5c5752c1a4f3c

  • SSDEEP

    49152:RF5gpYicHnjfFsX13dbdEjWTC72KYDcgUmNp6:RF5gqiMnjENBrTwcc18Q

Score
10/10
revengeratnyancatrevengediscoverypersistencetrojan

Malware Config

Extracted

Family

revengerat

Botnet

NyanCatRevenge

C2

amazon.capeturk.com:100

Mutex

eea5a83186824927836

Targets

    • Target

      COMBO EDITOR PRO.zip

    • Size

      1.7MB

    • MD5

      b539b73076fdf7f3cb1a66a67b20c8d3

    • SHA1

      946dea11d5cfb3bd5e518ffcf468fa8cd7c16192

    • SHA256

      42d160d7a91ab48d7ff8062aaaf678063a2866663943aa55c1e8b6a86518c771

    • SHA512

      db067d20e97bfc1d7fe6ad656f11b5427b359b388716556df0520ee6eab878fd199711983d46352a93fe721322be357b1acc58d2d24d9b018ba5c5752c1a4f3c

    • SSDEEP

      49152:RF5gpYicHnjfFsX13dbdEjWTC72KYDcgUmNp6:RF5gqiMnjENBrTwcc18Q

    Score
    10/10
    revengeratnyancatrevengediscoverypersistencetrojan

    • RevengeRAT

      Remote-access trojan with a wide range of capabilities.

      trojanrevengerat

    • Revengerat family

      revengerat

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks