revengerat | 751ab6c224bfc8714a9f5704dbbf69936864907d73bb26ad62e452d17451cb74

Sharing

Copy URL

Twitter E-mail

General

Target

Revenge-RAT v0.3 (2).zip
Size

14.4MB
Sample

240629-ygnm9axgpq
MD5

1a3126dd39360ad9288b4257ca479a05
SHA1

f55e35dc78e9812b085b95d35c2c7c274b41ce8e
SHA256

751ab6c224bfc8714a9f5704dbbf69936864907d73bb26ad62e452d17451cb74
SHA512

dd6fbb7725441cd0639739eefbc3f7cb06b6d40287cd53d05e20da25086e5f3263e40015e90a6c920fdf0f4a9c4ada8f237231ef2a0170d254dcb3e6a4e6e507
SSDEEP

393216:ErrXrrjnSRIerLSVs6uD4FFlW5Z3K+N0ghpkbj24kEM:ErjrXte6wDEl43K+Nrhpkf5K

Score

10^/10

Malware Config

Extracted

Family

revengerat

Botnet

Guest

127.0.0.1:333

Mutex

RV_MUTEX

Targets

- Target
  
  Revenge-RAT v0.3/Revenge-RAT v0.3/AForge.Video.DirectShow.dll
- Size
  
  35KB
- MD5
  
  2343899ea6b3dff06a6db2f0fbd86406
- SHA1
  
  9a578eb8fc1d0b9d12adc6a0fcc39ee822c5fd0c
- SHA256
  
  643a7f9754d90d475db3f84af7b254a64dd555ced0f039aaa4f08b5b27ab4fdb
- SHA512
  
  0ed7f9d8630dd9e946b9d3c22eaa84bcfbdfc8c8f2dccc877f47a176789ce70118f670ee23d820c6a42a2b4099b9088aaae1da8a957bded12224632440bda5c6
- SSDEEP
  
  768:0/Xil9fEWM0yVnO9Y5UTOSsxrC2dkbpN+2MvkYr:0gM0G5UTOtubpN+9MYr
Score

1^/10
behavioral1
- Target
  
  Revenge-RAT v0.3/Revenge-RAT v0.3/AForge.Video.dll
- Size
  
  16KB
- MD5
  
  a614d58e17ba34826b59c4942c32f078
- SHA1
  
  c16382c25de65a9ed84b0f87288e473e62ade7da
- SHA256
  
  311724ff73b331cd6de0649b01923f7e43d168aa5b1e7f031b2b175148062757
- SHA512
  
  dec8564442dbba55f60bc74127c4118347b014ecc776f54c257d0e1e5cd3b80df635003da91cb906671ad3912d44de64548f62dc29ca3dd6de8d73ec1a1cbad9
- SSDEEP
  
  384:FgTJd+C0VUZpdoXAlFMJtirnLiDl1B9yf0G:yqalLiTB9y8G
Score

1^/10
behavioral2
- Target
  
  Revenge-RAT v0.3/Revenge-RAT v0.3/Client.exe
- Size
  
  16KB
- MD5
  
  010aabdc4dc52b82d3c6945aaefd22ec
- SHA1
  
  8f50c8e53c7da15308b57b399c22ab7b97333f5a
- SHA256
  
  0b3472c651db8cc9991a92097c22dc4cab8467aff96591f76fb89bc3af8eadaa
- SHA512
  
  609b0a617e4d6a168497b6aa8173b43690f57aefcf48eb3ce06540e7b9cde10b9e741c5d7b9eef936ab3d7857d155189902d0ab7b89784f0b61b74c10196bc0d
- SSDEEP
  
  384:X/5gk7lVzF3smf9oDPlMNcLlb5sVKhyLF5Ct:X/5gk7lVZjclMNEio
Score

1^/10
behavioral3
- Target
  
  Revenge-RAT v0.3/Revenge-RAT v0.3/Extensions/AHK/Ahk2Exe.exe
- Size
  
  339KB
- MD5
  
  d717d5943bdca2758360e4fa3b008a49
- SHA1
  
  3066109dbebd2ddd2ce658ca07e88062bc2ff679
- SHA256
  
  e2a00647b5fa56b077d3d07b1c05e3b76b7269e07fc3ea84750eb03ad71024de
- SHA512
  
  3cb028a6ede052842026a278e4cd67682b80cd45945612a07204841e68a09e6fed64de45f984316d6c8de2a44a7d99236339801ae9c4db2f1524f67f659edfeb
- SSDEEP
  
  6144:Pbbs8miuWxBn061wjr36UIU+yoTiKVpwCbC/ry7YOTD03AKDGb9V/:TgrTMn061M36RUOTvpwpNO/0dDGH
Score

1^/10
behavioral4
- Target
  
  Revenge-RAT v0.3/Revenge-RAT v0.3/Extensions/AHK/AutoHotkeySC.bin
- Size
  
  802KB
- MD5
  
  b86564d0eb29a5faab9e8daacf269df4
- SHA1
  
  c5e80905834d48ea1750b2ff4e2fa1b354adb9df
- SHA256
  
  2514235c34d17fdb4a8448bd088d89f631f5d70f12f5f7d5ee552144a345ed2d
- SHA512
  
  6fb1f669290d752d3cc4c96917969e0c958ca1643fff5ccbb8e2a6d5d8b6c011dcc782c5795cde2b0c83b65176e33dfb6cac98ce2a6cfb848888187c5a51955a
- SSDEEP
  
  24576:oNR2zaQBt37/CZ0w1PeWnzqhqCC6+PEy:dUsrC6aE
Score

1^/10
behavioral5
- Target
  
  Revenge-RAT v0.3/Revenge-RAT v0.3/Extensions/AHK/Unicode 32-bit.bin
- Size
  
  802KB
- MD5
  
  b86564d0eb29a5faab9e8daacf269df4
- SHA1
  
  c5e80905834d48ea1750b2ff4e2fa1b354adb9df
- SHA256
  
  2514235c34d17fdb4a8448bd088d89f631f5d70f12f5f7d5ee552144a345ed2d
- SHA512
  
  6fb1f669290d752d3cc4c96917969e0c958ca1643fff5ccbb8e2a6d5d8b6c011dcc782c5795cde2b0c83b65176e33dfb6cac98ce2a6cfb848888187c5a51955a
- SSDEEP
  
  24576:oNR2zaQBt37/CZ0w1PeWnzqhqCC6+PEy:dUsrC6aE
Score

1^/10
behavioral6
- Target
  
  Revenge-RAT v0.3/Revenge-RAT v0.3/Extensions/Aut2Exe/Aut2exe.exe
- Size
  
  1.3MB
- MD5
  
  d28806a3244af288a2e569e36df136c4
- SHA1
  
  373816d4cc8fa8dc5973580aaa8fa9332e089b25
- SHA256
  
  89afe97dd27c3cadb96481dd38a1352bf6b98fa0206dd2d856728a47dc06f3ba
- SHA512
  
  59f5bc741ea2aa06ab4e23bf6b722201239c4fce094445f6a98bc5789abb121fe769747c34c105fa6bf38622c31c0a63802c278e5009859003c37c8190081d1c
- SSDEEP
  
  24576:PmTiPaj09O2jInFqpL6LqQOn6hyXEkImN5zVv3J4bD71Q51q:+4q2jqcpGen6e9zVvZUDZb
Score

1^/10
behavioral7
- Target
  
  Revenge-RAT v0.3/Revenge-RAT v0.3/Extensions/Aut2Exe/Aut2exe_x64.exe
- Size
  
  1.4MB
- MD5
  
  cecb773c5b0e15b8d1c02840fd118f38
- SHA1
  
  217985ad1cdb4845c69c383695cdeb2645153cfd
- SHA256
  
  7261bd93161cfe191e354152d489c3721e41d84a87d6c1af7eaa4dc0c75ab3ff
- SHA512
  
  561e5ddb4aee39cad22fc685c1cd4cce070a88570b521e4dddf392cdab489aa549a6f7957ac222fe1317f985bdcc0b8839e7610b5447418e44a3b3410f9dfe89
- SSDEEP
  
  24576:QuvoBBCnx+6TiPaj09O2jInFqpL6LqQOn6hyXEkImN5zVv3J4bD71Q51a:b4uxt4q2jqcpGen6e9zVvZUDZH
Score

1^/10
behavioral8
- Target
  
  Revenge-RAT v0.3/Revenge-RAT v0.3/Extensions/Aut2Exe/upx.exe
- Size
  
  298KB
- MD5
  
  e9eacbb7ab4b3f66019e0a2f13a1dba9
- SHA1
  
  ae30894b29e52bf04afc4a54795d438fb910acff
- SHA256
  
  0c3dc789d0a46493bd097526b920d913d930d96b1052cb331eec3ac560c89996
- SHA512
  
  925445d20c93c65a282fc59f773551d824bff1f8e2623fd8ea0c587831a9550c400f121defb3d82c8f0401903fa69e3154dc98e29688d02af1d5d01247914a06
- SSDEEP
  
  6144:vZCWmlys014OqpXDXz7yIrozs0WuNd3ojusBdgnNW6r4F53ttuGENGFdVCLEYnPQ:hCWV7q9zGImAjJdcH4j3ttzFdVCLNSf5
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral9
- Target
  
  Revenge-RAT v0.3/Revenge-RAT v0.3/Extensions/GoRC.exe
- Size
  
  54KB
- MD5
  
  d708cdcf904424e5ccfe7583ee1c7567
- SHA1
  
  8e47e3f58b42d400d347686f96fadbeca8f08416
- SHA256
  
  00e5dee46223200a6ec5fe8cb742dfa3dbcab1738233944c7fc8b66fc56e10e1
- SHA512
  
  b6e6fd7266729ce08d7618b1ae5ec231745a188da6c0c8837bfc464c642a36f1603911dd0ccf19f27ca004af2d7c58975f9424472841b165edeab1d0850c311d
- SSDEEP
  
  1536:hur3UYiUysl3B0ycb52RH78PMnwdY09RV:grEGqyqsFUXiY7
Score

1^/10
behavioral10
- Target
  
  Revenge-RAT v0.3/Revenge-RAT v0.3/Extensions/Resource Hacker.exe
- Size
  
  4.1MB
- MD5
  
  c6391727ae405fb9812a8ad2a7729402
- SHA1
  
  83693dc297392c6a28f7f16d23414c6d62921711
- SHA256
  
  d98fbfca17f194400d19111e4813340e6666b254b99f833739b661a4d2d0217c
- SHA512
  
  7a4e2ff93d853415d433f5e90b36959c78b77590aa1fa00753831eb4d01cb1a972bb9e39eb8dee5b216005e7709eacda51c0c410aacfe37fcdb163603fd36570
- SSDEEP
  
  49152:CVQvQX7tXewSaMd3U32VYBZH9p8djP1S2RsT//mQHtbNqS0:CV2QpEBjPpRctHtbNq
Score

1^/10
behavioral11
- Target
  
  Revenge-RAT v0.3/Revenge-RAT v0.3/Extensions/dotNET_Reactor.exe
- Size
  
  5.9MB
- MD5
  
  a7d69d6ddbe2586d698ebdf7f49c1afa
- SHA1
  
  7b87de25c982d0cc42a1dde89790cd34acbcfd2e
- SHA256
  
  79f190a51af8a463f13ddd5a76947cf7ba2adfb8e231b37c5e0968602217a62b
- SHA512
  
  2d4fb34f83d9794c38ec39f12f78b8d7c5af331aea475eaecf589f95c9e1849196a8d5252a7f9beaa596bb34ddc0c94b76a6c9092dc0fb93ec6b0af9fb66226e
- SSDEEP
  
  49152:VXl2PFBegFNFLua2gBxnnim//7rF31inFhyNkLObEECwc0mjZ5tzCo3Eh5pfO+pD:VW5nnim//7uvwCt5tuo32v
Score

7^/10
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral12
- Target
  
  Revenge-RAT v0.3/Revenge-RAT v0.3/Extensions/mpress.exe
- Size
  
  101KB
- MD5
  
  8b632bfc3fe653a510cba277c2d699d1
- SHA1
  
  d6a57aa17e5eb51297def9bac04e574c1e36d9c7
- SHA256
  
  2852680c94a9d68cdab285012d9328a1ceca290db60c9e35155c2bb3e46a41b4
- SHA512
  
  b9ea70ed984d3b4a42eceb9f34f222b722c4c1985b79b368d769fe0fd1f19f037ffebe2cf938aa98ed450337836a7469d911848448d99223995f7fb3a9304587
- SSDEEP
  
  3072:S0+mlNniJkkKcfqBOb65VgB183gUGQ340HpL:SvmlNn4kkeOAVA1rUGh0Hp
Score

1^/10
behavioral13
- Target
  
  Revenge-RAT v0.3/Revenge-RAT v0.3/FastColoredTextBox.dll
- Size
  
  331KB
- MD5
  
  7d315038da4cb77039dc315c64946e22
- SHA1
  
  c213bf396157ef97c23a751aebcabfb26f34b7d0
- SHA256
  
  777c68c5c47cf91e18583a0fa50b556b1551898a07097f296a0811943a493fa6
- SHA512
  
  794a8f00629f083edf3a7c20fb22fc29a13e1c6822bffcc0696918b7b999a53483d867ea6b7ee08352b4ddfc21c75f03a68a6b45ccab8c4b2ccf582383a6b87e
- SSDEEP
  
  6144:0IhBMO76XPxAn90aIqEokJEBNfxfXsrYGeBcHeDsGLPDJ:04cCNNGeMrkD
Score

1^/10
behavioral14
- Target
  
  Revenge-RAT v0.3/Revenge-RAT v0.3/IconLib.dll
- Size
  
  59KB
- MD5
  
  45ecaf5e82da876240f9be946923406c
- SHA1
  
  0e79bfe8ecc9b0a22430d1c13c423fbf0ac2a61d
- SHA256
  
  087a0c5f789e964a2fbcb781015d3fc9d1757358bc63bb4e0b863b4dffdb6e4f
- SHA512
  
  6fd4a25051414b2d70569a82dff5522606bfc34d3eaeea54d2d924bc9c92e479c7fda178208026308a1bf9c90bee9dbcaf8716d85c2ab7f383b43b0734329bc8
- SSDEEP
  
  768:WhZeVOIr9zmWGODfqED8zOJI+IpXgJKCAyEpd+rnwTIQJAqLiA4B0FdIOFMBC3Wd:EP1m3KpOKSEp1TzCaFiPBhlg36eiikN
Score

1^/10
behavioral15
- Target
  
  Revenge-RAT v0.3/Revenge-RAT v0.3/Plugin Compiler.exe
- Size
  
  534KB
- MD5
  
  fb315d1ae339c9506033026e78500199
- SHA1
  
  97dc5017a8a796750567fcd7b5bfb4be2233a5ae
- SHA256
  
  2f4fd04bbf02ef75845bfb287e5abc4fb7ae9a81776142b573eadadbf28fbe81
- SHA512
  
  895fc9f3c10bcab8c30fd7773820130b7d8d7e2145226052fedbb210b564db39e9078666762836235a8c6c40c49a3bb2b41f49f7753c97c2f09370a0327e154c
- SSDEEP
  
  3072:L+xuB9c7YdbMKsPcomyThhKq1+oXL8/xeAdLdZPn9Cc:Sxu7c7YdbMKsPcomyThwq1+w1Yn/9
Score

1^/10
behavioral16
- Target
  
  CH.dll
- Size
  
  85KB
- MD5
  
  3cf686a89451820fd1aaa34e3cd15c1d
- SHA1
  
  36f04e9d155c661b16cb3a8c4eb8e1950a555848
- SHA256
  
  59136d6e292fe002ebf47a44bacc9b8ad76f87ce19cf8bd51e27a30fd1df91d8
- SHA512
  
  1ad21b80205ffab58f30f26bda51b80917a392b65bcf49bd6e9a4dbe9f04034e13673cb5f44b65f646294b98a7e14c044adeb687558098650f1920af10588d65
- SSDEEP
  
  1536:JiJgZqtGU0unGpqJi+A9vcKQdC3ZAg8q:Jek/pqJir9vVnr8
Score

1^/10
behavioral17
- Target
  
  FM.dll
- Size
  
  45KB
- MD5
  
  ab93e73af3e9a13bc45d5c9f2f00103e
- SHA1
  
  01daeb46e4be37bca355010139759f29b45685e6
- SHA256
  
  4b318960abb9e0b1b78a21029bd328e91e366953d295257c27799d4bc9912e58
- SHA512
  
  3a434032cc970529ee2d1146abcf22b6dee270a7f4440c2f2e1ad2d23a4bb86163a37fdebfa7b64fca0501acf96db2c7f13d360c33ae1aaee8dc13550c7e53da
- SSDEEP
  
  768:hlOfJl4yHE2QY+uBYTlR7wEOO6E69Mcp344hQd:rqk2QY+dTBOOI9Bp2
Score

1^/10
behavioral18
- Target
  
  KE.dll
- Size
  
  14KB
- MD5
  
  cd35c1b8ea209655b6cab2b15cd92009
- SHA1
  
  1f06237504739d5de454b730048c4b9ed700b68b
- SHA256
  
  e064540bf40bd00d0a6b5690cbc8e4f08b04f8131f93daa8f256ef0719764e5a
- SHA512
  
  7cdb5458d5fe1b4d8367093e43641a3571343a8bbb7c0db525cfb37203c25829cb87532298d0d111b2f4e99a6bf60618f8f2a16299bdc597421fa28bb71f3480
- SSDEEP
  
  192:AP1reP5lRvaQg/JW5yR538AIKMetpd/g6jQJF9pmK768OhEOULs0slaAH5:AtS1orIKNhWr9pReNus/aA
Score

1^/10
behavioral19
- Target
  
  MC.dll
- Size
  
  52KB
- MD5
  
  6be03e38cd7f7d427cbb2e4388fea5dc
- SHA1
  
  9041e71a36568cb59d4a56ecdd6f6683945a191e
- SHA256
  
  2dd148118f036a170e651b2f37ebec4d1ca0a8045d23b140e7c19f48d62c2d33
- SHA512
  
  2b3379b41b67dbd9351ee9eee325f1f43de7912cc8e0f4d715f2606d756deefe150256529efe5abfb078be1a6057f915103181a7049808508a004e8b3c3f74ea
- SSDEEP
  
  1536:/z3FRYGoemQTxqPb2waAnWYeICxZj8uW:/z3FRpTxqiwaAWYep8
Score

1^/10
behavioral20
- Target
  
  PA.dll
- Size
  
  13KB
- MD5
  
  1a4482b724ceaca8019f0e6659005fa6
- SHA1
  
  3816abd67d1b6fbaf9e2e2506d31fc5ea035da00
- SHA256
  
  900a28a13cb1cae326273de9c2180cd1462a5680d9d9f2d34e3b7f677afcf01d
- SHA512
  
  9fe5af3c14ec7f2fbddb772b4028af8fc501c6ad161741efc0384c458b6cc89f8bcf223b0c8a1bd157a722fb8af309dbabc7e8792adc84bff88433c1f3c6725f
- SSDEEP
  
  192:smiKEGfY6RvUTTsPpPJOY1f4Qt/Ra1EEZ9JSM0Y2Wl:ji3FTsRhOW9Ra1EU9orYn
Score

1^/10
behavioral21
- Target
  
  PW.dll
- Size
  
  33KB
- MD5
  
  343a967dc2f72aae5bd38e31853eb5bb
- SHA1
  
  157af1444dc283e384fad356a3720d4098371277
- SHA256
  
  b1218070600bf2fc65434b739eababf1d4f1001e04c36aec840951a4c431284f
- SHA512
  
  325148520709b3468f0cc568d08af5f56191994f8ebdc03c1764e5128b9b7eb8c722cdeb0bec0b9ccbc48e0f54178625155041ad551ede9cdb0fa5de2480414f
- SSDEEP
  
  768:5cRBRihvbNR0duUmQMpSEcJtoUXy+Pgt8:5PhvbLUmxpSZocy+ot8
Score

1^/10
behavioral22
- Target
  
  RD.dll
- Size
  
  13KB
- MD5
  
  38dfadb39dec9f434044c8c51385c238
- SHA1
  
  9b43f121e80eefe0766502427668e7be7b3fbe7b
- SHA256
  
  53e975a0e865c9de8b77dfd156006f34d2d8d7d2a749906a126b6ceefb410fa4
- SHA512
  
  8bc4f990a448c398275426d61a48c608b4ed0000bd735701d4d8452efaa324cea089d7395849ed6121a5efdaf8a0d4de21f403c51c91a707668f4d34707dbc69
- SSDEEP
  
  192:cXW6fEIBY/1UL0fiB4KAvjdsCKulq/OBOXZ88wEbRO83MquVDFPlxB+:qZ8IZBAvNfByZ88wqO83ruFv
Score

1^/10
behavioral23
- Target
  
  Revenge-RAT v0.3/Revenge-RAT v0.3/Revenge-RAT v0.3.exe
- Size
  
  13.7MB
- MD5
  
  531d8b4ac8f7eb827d62424169321b2b
- SHA1
  
  a269563cbfa32b667f89d709eebc0b6c08b57272
- SHA256
  
  6b2324bb337f722067e6c1b5cef5f64e89338e2beccf95289aaaa2af8a0556b9
- SHA512
  
  24fb3d7430cdd6fa4a80af2982f4334db722e97a0286e97bfc56600d27598710962641837a368a133d6f6a4bd8372f00e9dd49e9c79de14653cbf7360c3e2872
- SSDEEP
  
  98304:HsCsgsZshXVTRZjqFzlV2QpEBjPpRctHtbNqteTzsx9os5nsdhT9s:TRZjq7gwtW9Zi
Score

1^/10
behavioral24
- Target
  
  Revenge-RAT v0.3/Revenge-RAT v0.3/Theme Compiler.exe
- Size
  
  489KB
- MD5
  
  32ca48211b21af0bcc003d4433319671
- SHA1
  
  17e7c3362bc9663ddd10a1add0b5f42bbe51bf83
- SHA256
  
  19c95ad5cf50f8c8273fcd4179c4878ebede832f9234955ac4fd4233b5b6a693
- SHA512
  
  7ce094cd520e5074ec45b9eb23a09e2adc177233de0f17e63cdca124817c3dab4e412c3868aaf24b3efdf67ab7c7f00409bceb38ed5fcfbfc7673de3632b866e
- SSDEEP
  
  6144:qu7c7YdbMKsPcomyThwq1+wtmNG6M1OmN:qu7XdbM50omyhVAi
Score

1^/10
behavioral25
- Target
  
  Revenge-RAT v0.3/Revenge-RAT v0.3/WinMM.Net.dll
- Size
  
  43KB
- MD5
  
  d4b80052c7b4093e10ce1f40ce74f707
- SHA1
  
  2494a38f1c0d3a0aa9b31cf0650337cacc655697
- SHA256
  
  59e2ac1b79840274bdfcef412a10058654e42f4285d732d1487e65e60ffbfb46
- SHA512
  
  3813b81f741ae3adb07ae370e817597ed2803680841ccc7549babb727910c7bff4f8450670d0ca19a0d09e06f133a1aaefecf5b5620e1b0bdb6bcd409982c450
- SSDEEP
  
  768:LyasDzF2TDSemqD9tGI+ffwj2Au0LVpqmf7KxcOOrYCPTxqPb85:LyaXKemqD9tGI+ffwj2Au0LVpq4KWrlv
Score

1^/10
behavioral26

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

UPX packed file

Loads dropped DLL

Drops desktop.ini file(s)

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26