revengerat | e262099c9e91f23b26d5c894295812991bd82af3e15a47a1a4d577ec2348755c | Triage

Sharing

General

Target

Client.exe
Size

290KB
Sample

250317-a3tvdsxq18
MD5

6290e08f9f5d3a18c6d9ac614efa6d04
SHA1

ba2d01533cecd19d40f226270ebcfde94b83cb8c
SHA256

e262099c9e91f23b26d5c894295812991bd82af3e15a47a1a4d577ec2348755c
SHA512

8abdc80ad785fd511df1903677e82b3c32a336e2f32b9c6cc88b8f02ba98e68c525c93dfc9b18217b63865d127fa6c89425e792d92771ff5cd730ed6f7b020c0
SSDEEP

6144:JbPP4NuWZzQHaWj4uZul5oIDcVatoSVE+:JL4Zzkaf04jctSP

Score

10^/10

revengerat discovery stealer

Malware Config

Targets

- Target
  
  Client.exe
- Size
  
  290KB
- MD5
  
  6290e08f9f5d3a18c6d9ac614efa6d04
- SHA1
  
  ba2d01533cecd19d40f226270ebcfde94b83cb8c
- SHA256
  
  e262099c9e91f23b26d5c894295812991bd82af3e15a47a1a4d577ec2348755c
- SHA512
  
  8abdc80ad785fd511df1903677e82b3c32a336e2f32b9c6cc88b8f02ba98e68c525c93dfc9b18217b63865d127fa6c89425e792d92771ff5cd730ed6f7b020c0
- SSDEEP
  
  6144:JbPP4NuWZzQHaWj4uZul5oIDcVatoSVE+:JL4Zzkaf04jctSP
Score

7^/10

discovery
- Uses the VBS compiler for execution
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

stealerrevengerat

behavioral1

behavioral2