revengerat | 88271db3546e63f0b5a769299165d230df7794aea1871f392cef9c074a068e9a | Triage

Sharing

General

Target

88271db3546e63f0b5a769299165d230df7794aea1871f392cef9c074a068e9a.exe
Size

17KB
Sample

250110-rwaavayqfr
MD5

fc3d3b3c17850259571533e6cf2e8880
SHA1

f4a0c78798da0868741c160326866192be448939
SHA256

88271db3546e63f0b5a769299165d230df7794aea1871f392cef9c074a068e9a
SHA512

9b2ca105f21f8e751098efc03bf4501fdb868223116ba455f492491359b9766bd4854537fdbff7a265ab91412e0f00baaa00cf0abb9fe7bc67c1f25f574e419a
SSDEEP

384:6ClfEbMFEcg53vRPJnMZUCG4A3DBXM0sXu5syswG9:pflFWOUPFt0J

Score

10^/10

revengerat spam stealer

Malware Config

Extracted

Family

revengerat

Botnet

SPAM

C2

kilimanjaro.cloudns.nz:8811

kilimanjaro.run.place:8811

kilimanjaro.crabdance.com:8811

kilimanjaro.bigmoney.biz:8811

kilimanjaro.theworkpc.com:8811

burkinafaso.duckdns.org:8811

Mutex

RV_MUTEX-GYuaWVCGnhpCsG

Targets

- Target
  
  88271db3546e63f0b5a769299165d230df7794aea1871f392cef9c074a068e9a.exe
- Size
  
  17KB
- MD5
  
  fc3d3b3c17850259571533e6cf2e8880
- SHA1
  
  f4a0c78798da0868741c160326866192be448939
- SHA256
  
  88271db3546e63f0b5a769299165d230df7794aea1871f392cef9c074a068e9a
- SHA512
  
  9b2ca105f21f8e751098efc03bf4501fdb868223116ba455f492491359b9766bd4854537fdbff7a265ab91412e0f00baaa00cf0abb9fe7bc67c1f25f574e419a
- SSDEEP
  
  384:6ClfEbMFEcg53vRPJnMZUCG4A3DBXM0sXu5syswG9:pflFWOUPFt0J
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

stealerspamrevengerat

behavioral1

behavioral2