Overview

overview

10

Static

static

5

92674c9486...cs.exe

windows7-x64

10

92674c9486...cs.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    92674c948626efda7acf7bd3ab919d30_NeikiAnalytics.exe

  • Size

    903KB

  • Sample

    240614-agavdsxarb

  • MD5

    92674c948626efda7acf7bd3ab919d30

  • SHA1

    b9ef4682600251a301906473b6be40c9623d6daf

  • SHA256

    4e2773fe4e48b5ddbdc99f28f7375bbc1afa5b6d12fab1ccfffae0beb50e4409

  • SHA512

    baa2205c8d0c5d0add8ce9973e58665c2509b67a3d1aa3d1aaa8e248e697be53c3ec9b0d1cfba0672c4061679d0faeb1925d62bb7453fcf118b16890bc199a1d

  • SSDEEP

    24576:ZAHnh+eWsN3skA4RV1Hom2KXMmHaKZa5h:gh+ZkldoPK8YaKGh

Score
10/10
revengeratmarzo26trojan

Malware Config

Extracted

Family

revengerat

Botnet

Marzo26

C2

marzorevenger.duckdns.org:4230

Mutex

RV_MUTEX-PiGGjjtnxDpn

Targets

    • Target

      92674c948626efda7acf7bd3ab919d30_NeikiAnalytics.exe

    • Size

      903KB

    • MD5

      92674c948626efda7acf7bd3ab919d30

    • SHA1

      b9ef4682600251a301906473b6be40c9623d6daf

    • SHA256

      4e2773fe4e48b5ddbdc99f28f7375bbc1afa5b6d12fab1ccfffae0beb50e4409

    • SHA512

      baa2205c8d0c5d0add8ce9973e58665c2509b67a3d1aa3d1aaa8e248e697be53c3ec9b0d1cfba0672c4061679d0faeb1925d62bb7453fcf118b16890bc199a1d

    • SSDEEP

      24576:ZAHnh+eWsN3skA4RV1Hom2KXMmHaKZa5h:gh+ZkldoPK8YaKGh

    Score
    10/10
    revengeratmarzo26trojan

    • RevengeRAT

      Remote-access trojan with a wide range of capabilities.

      trojanrevengerat

    • Drops startup file

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks