Sample analysis report-RevengeRAT fileless landing attack - Code World

Sample analysis report-RevengeRAT fileless landing attack

Others 2021-03-30 00:35:04 views: null

The sample appeared on September 6, 2019, and the sample analysis report was on September 16, 2019. The sample comes from the foreign sandbox app.any.run.

Sample information

FileName	FileType	FileSize	MD5
Order____679873892.xls	RevengeRAT variant	41,472 bytes	7641fef8abc7cb24b66655d11ef3daf2

Sample behavior

Insert picture description here
After the sample is started, there will be a safety prompt to start the macro function.

After the macro is enabled, it prompts a runtime error, and the prompt title is Microsoft Visual Basic. From this, it can be inferred that a certain error occurred during the execution of the VB macro code.

Attack flow chart

Guess you like

Origin blog.csdn.net/qq_43312649/article/details/109747973

Sample analysis report-RevengeRAT fileless landing attack

Fileless landing attack

[Translation] APT Analysis Report: 04.Kraken-New Fileless APT Attack Using Windows Error Reporting Service to Avoid Detection

Talking about Fileless Attack

python data analysis report sample, python data analysis report + code

word sample analysis

Simple analysis of a .net sample

Triathlon pcp sample analysis

Triathlon pcp sample analysis

Qubit attack analysis

Sashimi Swap attack analysis

java memory analysis Sample 1

A* algorithm analysis and introduction of sample questions

& ESD test sample report

Enterprise information security triathlon race sample questions (attack phase)

Paper Intensive Reading——Invisible Backdoor Attack with Sample-Specific Triggers

Information and content security experiment - adversarial sample attack experiment

Network combo attack modeling analysis

Devastating DDoS: Analysis of the attack and defense

Analysis of CBC byte flip attack

Analysis of an example of an attack on the recommendation system

[Translation] APT Analysis Report: 05. Turla New Watering Hole Attack Backdoor (NetFlash and PyFlash)

Analysis of landing scenarios of IoT platform combined with blockchain

Alibaba DevOps landing practice gameplay and thinking analysis

Four kinds of attack mode (attack type) in the [Burp suite] intruder analysis!

End TTS synthesis: Synthesis of Sample Analysis

Android input method official SoftKeyboard sample analysis

[Forensic Analysis] Virut Sample Forensic Features

SpringBoot file upload sample code and process analysis

The underlying implementation and sample analysis of MySQL triggers

Recommended

Ranking

ASP.NET Core storage session to get any value

Linux has disk space but shows insufficient inode usage in Linux

Oral English 433 Twenty English Words Every Day

The use of common transforms in Pytorch

It's Graduation Season II again

Introduction to OracleDB 6: Use DB LINK to clone non-CDB into CDB architecture

How the report generator FastReport .Net uses code to create reports

My Live Writer Plugin - insert monkey face

DCM's diagnostic services dispatcher (DSD) a Detailed

Java NullPointerException when using scanner.hasNext();

Daily

More

2024-05-23(35)

2024-05-22(9)

2024-05-21(35)

2024-05-20(5)

2024-05-19(0)

2024-05-18(31)

2024-05-17(6)

2024-05-16(23)

2024-05-15(5)

2024-05-14(9)