General

  • Target

    2016-4-0x00000000006B0000-0x00000000006B8000-memory.dmp

  • Size

    32KB

  • MD5

    7f12a0aa8bb68083a43b04ab295cc284

  • SHA1

    44fce48436ef6a602ee7112ac123c40ef1d6bea8

  • SHA256

    24c9c36e42254bd32425e0bdc45ca08dbb2ace1c37f583c745aa32a246a8f83d

  • SHA512

    fc9e12dc591a1eaef575154120205cfa1b73ecf0f6380284ec049d658f24dff810125bde93709e7023dfeb7b5b1ec48b206b3170a9d346095a6227e38db7925f

  • SSDEEP

    384:uOXYuboiFY9bl7oELeNsvnbqsVKZ+yNZ3s2:uOXYuPW9DLe2OtPB

Malware Config

Extracted

Family

revengerat

Botnet

Test crypt

C2

pplfoot1.ddns.net:1177

Mutex

RV_MUTEX-wpnFwUnoWrUU

Signatures

  • RevengeRat Executable 1 IoCs
  • Revengerat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2016-4-0x00000000006B0000-0x00000000006B8000-memory.dmp
    .exe windows:4 windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744

