revengerat | 9f006d71eeedec8f39163bafb61feda58e8db8e1e87215606dfc4d48ae464b4a | Triage

Sharing

General

Target

9f006d71eeedec8f39163bafb61feda58e8db8e1e87215606dfc4d48ae464b4a.exe
Size

17KB
Sample

250113-jypjjstngx
MD5

b0a6e361a3489d4ed456c6722fe6922a
SHA1

b6929310253ef798b416e33efeb968c85bb9425a
SHA256

9f006d71eeedec8f39163bafb61feda58e8db8e1e87215606dfc4d48ae464b4a
SHA512

bd426911eeddba14810b88fc4b828edb80596671e8a8a2bb5013fb38860a87de01a615e70a12a25acbf9cfca567b164133d4f7ba94a6483d4b48e8b2055c1e6d
SSDEEP

384:6ClfEbMFEcg53vRPJnMZUCG4A3DBXM0sXu5syswG9M:pflFWOUPFt0J2

Score

10^/10

revengerat spam stealer

Malware Config

Extracted

Family

revengerat

Botnet

SPAM

C2

kilimanjaro.cloudns.nz:8811

kilimanjaro.run.place:8811

kilimanjaro.crabdance.com:8811

kilimanjaro.bigmoney.biz:8811

kilimanjaro.theworkpc.com:8811

burkinafaso.duckdns.org:8811

Mutex

RV_MUTEX-GYuaWVCGnhpCsG

Targets

- Target
  
  9f006d71eeedec8f39163bafb61feda58e8db8e1e87215606dfc4d48ae464b4a.exe
- Size
  
  17KB
- MD5
  
  b0a6e361a3489d4ed456c6722fe6922a
- SHA1
  
  b6929310253ef798b416e33efeb968c85bb9425a
- SHA256
  
  9f006d71eeedec8f39163bafb61feda58e8db8e1e87215606dfc4d48ae464b4a
- SHA512
  
  bd426911eeddba14810b88fc4b828edb80596671e8a8a2bb5013fb38860a87de01a615e70a12a25acbf9cfca567b164133d4f7ba94a6483d4b48e8b2055c1e6d
- SSDEEP
  
  384:6ClfEbMFEcg53vRPJnMZUCG4A3DBXM0sXu5syswG9M:pflFWOUPFt0J2
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

stealerspamrevengerat

behavioral1

behavioral2