revengerat

General

Target

JaffaCakes118_699a064fb96c1fbb621f2aa0831fbb10
Size

1.4MB
Sample

250103-cnne6svnes
MD5

699a064fb96c1fbb621f2aa0831fbb10
SHA1

9e04fc3f67884afcee3c5f8c9ca71a78ee35c766
SHA256

36546b9926ac60edc6732beeaf44f3e77061ee1762df3f375805f60f8fbbcc6a
SHA512

e6913fc0b7bd724452f79f063e83945f600a5cfab17dabef13ea11f20777b77d9f3b80b40a2b3ff3eb93784d30cb47f335aaec73d3c4a88ffc4882808b8dbebd
SSDEEP

24576:Iq5TfcdHj4fmbrJ2qWK0smVkVMygqlbySEzKJ9TtLkrHtclGtX0zQJ9TtD7WC:IUTsam5xBlP5flGt5F

Score

10^/10

Malware Config

Targets

- Target
  
  JaffaCakes118_699a064fb96c1fbb621f2aa0831fbb10
- Size
  
  1.4MB
- MD5
  
  699a064fb96c1fbb621f2aa0831fbb10
- SHA1
  
  9e04fc3f67884afcee3c5f8c9ca71a78ee35c766
- SHA256
  
  36546b9926ac60edc6732beeaf44f3e77061ee1762df3f375805f60f8fbbcc6a
- SHA512
  
  e6913fc0b7bd724452f79f063e83945f600a5cfab17dabef13ea11f20777b77d9f3b80b40a2b3ff3eb93784d30cb47f335aaec73d3c4a88ffc4882808b8dbebd
- SSDEEP
  
  24576:Iq5TfcdHj4fmbrJ2qWK0smVkVMygqlbySEzKJ9TtLkrHtclGtX0zQJ9TtD7WC:IUTsam5xBlP5flGt5F
Score

10^/10

revengerat discovery stealer trojan upx
- RevengeRAT
  Remote-access trojan with a wide range of capabilities.
  trojan revengerat
- Revengerat family
  revengerat
- RevengeRat Executable
  stealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- AutoIT Executable
  AutoIT scripts compiled to PE executables.
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1

T1012

System Information Discovery

2

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Revengerat family

RevengeRat Executable

Checks computer location settings

Executes dropped EXE

Loads dropped DLL

AutoIT Executable

UPX packed file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2