Overview

overview

10

Static

static

5

7db8c057b2...cs.exe

windows7-x64

10

7db8c057b2...cs.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7db8c057b2cdf1fd6ad22f0b294a4f70_NeikiAnalytics.exe

  • Size

    903KB

  • Sample

    240619-dv8v5asgpf

  • MD5

    7db8c057b2cdf1fd6ad22f0b294a4f70

  • SHA1

    de29f4227007b19dcab0f1bfffa7c2247d9a32c5

  • SHA256

    3cda6266e4de7547a873350fdc03ce69b2fcfc329310a2880a034d125c078748

  • SHA512

    4a23f12d7c4982d6402fd4a1f9e56eb7708aabf068ca33a722fbac135a4311f692fdc2a83246709c0e307b5048ac72bbd64ad5f57f6486cca39c0d40b12b60a7

  • SSDEEP

    24576:ZAHnh+eWsN3skA4RV1Hom2KXMmHaKZa5F:gh+ZkldoPK8YaKGF

Score
10/10
revengeratmarzo26trojan

Malware Config

Extracted

Family

revengerat

Botnet

Marzo26

C2

marzorevenger.duckdns.org:4230

Mutex

RV_MUTEX-PiGGjjtnxDpn

Targets

    • Target

      7db8c057b2cdf1fd6ad22f0b294a4f70_NeikiAnalytics.exe

    • Size

      903KB

    • MD5

      7db8c057b2cdf1fd6ad22f0b294a4f70

    • SHA1

      de29f4227007b19dcab0f1bfffa7c2247d9a32c5

    • SHA256

      3cda6266e4de7547a873350fdc03ce69b2fcfc329310a2880a034d125c078748

    • SHA512

      4a23f12d7c4982d6402fd4a1f9e56eb7708aabf068ca33a722fbac135a4311f692fdc2a83246709c0e307b5048ac72bbd64ad5f57f6486cca39c0d40b12b60a7

    • SSDEEP

      24576:ZAHnh+eWsN3skA4RV1Hom2KXMmHaKZa5F:gh+ZkldoPK8YaKGF

    Score
    10/10
    revengeratmarzo26trojan

    • RevengeRAT

      Remote-access trojan with a wide range of capabilities.

      trojanrevengerat

    • Drops startup file

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks