revengerat | 5bc221262fd6c78654aa863daaba906b74afd8ce0dd0c524e4eda0535ae3871d | Triage

Submit
Reports

Overview

overview

Static

static

3

5bc221262f...1d.exe

windows7-x64

5bc221262f...1d.exe

windows10-2004-x64

Sharing

General

Target

5bc221262fd6c78654aa863daaba906b74afd8ce0dd0c524e4eda0535ae3871d
Size

3.3MB
Sample

250321-n2w51s1py7
MD5

91e122cb79dd06013a7e75568084064f
SHA1

cbfab72a68523fd4b1822a954dc1b06403f53e78
SHA256

5bc221262fd6c78654aa863daaba906b74afd8ce0dd0c524e4eda0535ae3871d
SHA512

5b08e7e535e0cceb204748f6bdcb79963da562c37337a0964054baca927cf1593b89afe556d5e5427e0c511164428fcd554edde4513dc325cd10cd2b3c011dc2
SSDEEP

98304:voysTqyl3W1bI/JKN4+VrU/aCo59rMn1gOQxKl:v8w0IbTrMn1ykl

Score

10^/10

revengerat discovery stealer trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

5bc221262fd6c78654aa863daaba906b74afd8ce0dd0c524e4eda0535ae3871d.exe

Resource

win7-20240903-en

revengerat discovery stealer trojan

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

5bc221262fd6c78654aa863daaba906b74afd8ce0dd0c524e4eda0535ae3871d.exe

Resource

win10v2004-20250314-en

revengerat discovery stealer trojan

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  5bc221262fd6c78654aa863daaba906b74afd8ce0dd0c524e4eda0535ae3871d
- Size
  
  3.3MB
- MD5
  
  91e122cb79dd06013a7e75568084064f
- SHA1
  
  cbfab72a68523fd4b1822a954dc1b06403f53e78
- SHA256
  
  5bc221262fd6c78654aa863daaba906b74afd8ce0dd0c524e4eda0535ae3871d
- SHA512
  
  5b08e7e535e0cceb204748f6bdcb79963da562c37337a0964054baca927cf1593b89afe556d5e5427e0c511164428fcd554edde4513dc325cd10cd2b3c011dc2
- SSDEEP
  
  98304:voysTqyl3W1bI/JKN4+VrU/aCo59rMn1gOQxKl:v8w0IbTrMn1ykl
Score

10^/10

revengerat discovery stealer trojan
- RevengeRAT
  Remote-access trojan with a wide range of capabilities.
  trojan revengerat
- Revengerat family
  revengerat
- RevengeRat Executable
  stealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

revengeratdiscoverystealertrojan

behavioral2

revengeratdiscoverystealertrojan

© 2018-2025

Terms | Privacy