MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 dcccd5e29b6209cec0a993bfa4e23c5635bf2edecf3cc3102b12ae1771e33eda. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


RevengeRAT


Vendor detections: 4


Intelligence 4 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: dcccd5e29b6209cec0a993bfa4e23c5635bf2edecf3cc3102b12ae1771e33eda
SHA3-384 hash: 2c773843c678bad508c2d32cefec88ba3e84d4c6b746a8e1004e474f6827dddc55f6bb71a060c11c2a7279be29cad935
SHA1 hash: 75a0eef72f700bce8a582feb570d2156bc79bb64
MD5 hash: ac364d705c3202a741f48eff258e0338
humanhash: bluebird-jersey-harry-winner
File name:ABDPbHSV.exe
Download: download sample
Signature RevengeRAT
Create hunting rule
File size:16'896 bytes
First seen:2020-03-22 02:56:13 UTC
Last seen:Never
File type:Executable exe
MIME type:application/x-dosexec
imphash f34d5f2d4577ed6d9ceec516c1f5a744 (48'747 x AgentTesla, 19'638 x Formbook, 12'244 x SnakeKeylogger)
ssdeep 384:1FVK58y3CtNNLTnrX9oDPlMNcLlb5sVKNynY5Ct:1FVK5nStN1DclMNEIYo
Threatray 61 similar samples on MalwareBazaar
TLSH FE72E69777F8A922C1BD33BC442521156B75874FD621CB5E19E980FBE7A33C1AA802D1
Reporter johannes
Tags:RevengeRAT


Avatar
viql
revengerat via https://pastebin.com/raw/ABDPbHSV

Intelligence

File Origin
# of uploads :
1
# of downloads :
297
Origin country :
n/a
Vendor Threat Intelligence
Detection(s):
Win.Trojan.RevengeRat-6344273-0
Create hunting rule

Win.Malware.Zusy-6804067-0
Create hunting rule

Gathering data
Threat name:
ByteCode-MSIL.Trojan.Revetrat
Create hunting rule
Status:
Malicious
First seen:
2020-03-22 06:50:16 UTC
AV detection:
29 of 30 (96.67%)
Threat level:
  5/5
Detection(s):
Malicious file
Link:
https://check.spamhaus.org/check/?searchterm=3tgnlyu3mie45qfjso72jyr4ky236lw6z46mgeblckxbo4pdh3na._file
Verdict:
malicious
Similar samples:
09dc0634f467ebdef6a6094068a66d81f5af6577de7d6f1ed6da31c8e77195b2
RevengeRAT
0f0ad0df89b895ae4e7ad72b7d6bbea015fe566fe98b577553cb95cd3fb96766
RevengeRAT
291bf31470c9bcacec467c980adb7a3d111ebb6b72cf07147884a7eae5cabde9
RevengeRAT
31b10f1a4a6bb1e74af48d786c3c5957d1fdde4307adb24d5cbf06f278fc18ae
RevengeRAT
61772167a95f7d7eb84337c06144cbba21b88b0ace8ef24d59426c7a50e6acc6
RevengeRAT
6ebe2626d66a590a572cca546c2b1c472f5e1b7db26f89cc8f6f073125fe82c5
RevengeRAT
8efd6f95c39e86627b1f9cc553fa7bed152dbf4788662bee15d3b5bdf0c1b79e
RevengeRAT
b92fe7309b229fc2894d3b10b0a9cd148fb1b4214bffb3b0bd16ef219f21f632
RevengeRAT
c7bf30d34e0e14112c582d3b55aafabdfb00f563be001f3e1ab4e5d04b5c0271
RevengeRAT
d9a9a7ab99db0946ecb0f5f398eddd0d820ffbde0105164064e168f1ea73ba26
RevengeRAT
+ 51 additional samples on MalwareBazaar
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

  
Link
https://pastebin.com/raw/ABDPbHSV

BLint

The following table provides more information about this file using BLint. BLint is a Binary Linter to check the security properties, and capabilities in executables.

Findings
IDTitleSeverity
CHECK_AUTHENTICODEMissing Authenticodehigh
CHECK_DLL_CHARACTERISTICSMissing dll Security Characteristics (HIGH_ENTROPY_VA)high

Comments