revengerat | da1e65953f6cf5b06dc9c4e0f596d5c9997c2ec32aeb41e875816f10c74cb049 | Triage

Submit
Reports

Overview

overview

Static

static

Revenge.exe

windows10-ltsc 2021-x64

Sharing

General

Target

Revenge.exe
Size

20KB
Sample

250107-w7tabavmhq
MD5

8ce9e623e44cdb2dbd292da43a90506f
SHA1

09c00d2c83c5456ae168b8329a63befacaef004e
SHA256

da1e65953f6cf5b06dc9c4e0f596d5c9997c2ec32aeb41e875816f10c74cb049
SHA512

792e0cb35c0d4dd87a5f21d9ea7b154139676497373717150bfb629669bc59c799f8f8bbdeb763eab696e0cb85e94744af4c77441eaa7a6283511ef0654331f3
SSDEEP

384:AX2yy5E7X152gLDQqb7sVKuBV1yhKr2534WCzYcHe+Z:Q2yy5Gl52uDp42h4XzYcHe+Z

Score

10^/10

revengerat guest stealer trojan

Static task

static1

stealer guest revengerat

3 signatures

Behavioral task

behavioral1

Sample

Revenge.exe

Resource

win10ltsc2021-20241211-en

revengerat guest stealer trojan

windows10-ltsc 2021-x64

17 signatures

300 seconds

Malware Config

Extracted

Family

revengerat

Botnet

Guest

C2

necatisoff-36486.portmap.host:36486

Mutex

RV_MUTEX-ETUKIWwiejYAo

Targets

- Target
  
  Revenge.exe
- Size
  
  20KB
- MD5
  
  8ce9e623e44cdb2dbd292da43a90506f
- SHA1
  
  09c00d2c83c5456ae168b8329a63befacaef004e
- SHA256
  
  da1e65953f6cf5b06dc9c4e0f596d5c9997c2ec32aeb41e875816f10c74cb049
- SHA512
  
  792e0cb35c0d4dd87a5f21d9ea7b154139676497373717150bfb629669bc59c799f8f8bbdeb763eab696e0cb85e94744af4c77441eaa7a6283511ef0654331f3
- SSDEEP
  
  384:AX2yy5E7X152gLDQqb7sVKuBV1yhKr2534WCzYcHe+Z:Q2yy5Gl52uDp42h4XzYcHe+Z
Score

10^/10

revengerat guest stealer trojan
- RevengeRAT
  Remote-access trojan with a wide range of capabilities.
  trojan revengerat
- Revengerat family
  revengerat
- RevengeRat Executable
  stealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Executes dropped EXE
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

stealerguestrevengerat

behavioral1

revengeratgueststealertrojan

© 2018-2025

Terms | Privacy