revengerat | 586675b05d6fe0a4e3719b4d1c34a751[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

586675b05d6fe0a4e3719b4d1c34a751.bin
Size

7KB
MD5

141a4eabe4ec38be10bd13fab878a4e2
SHA1

b44f0ae948d546c93b704a5c4704175c85888c75
SHA256

53b63bd9864ee43174f837a620f8eeb192f24e1a0fb40be5408cf8e9878d9243
SHA512

4f8b60afaa99309fd66f8569b6864ce0639c242d0d011cdbbd57941f0c9c839f65473186280abb5d378dd25bc575125ccc06bb423b73d17ef72b4500c1ac673b
SSDEEP

192:DI9nOGZh/HVYzhjqeoWiv7j23Jjzdl+nt:DmOGZh/ezh2eziOZjzdC

Score

10^/10

nyancatrevenge revengerat

Malware Config

Extracted

Family

revengerat

Botnet

NyanCatRevenge

C2

alice2019.myftp.biz:7575

Mutex

2d4c6a4fc5e1455e

Signatures

Revengerat family
revengerat

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/60c30150ed574e2afb00acf25819d85bba6e2f646f6a785ef2ffe4326bc52e5d.exe

Files

586675b05d6fe0a4e3719b4d1c34a751.bin
.zip

Password: infected
60c30150ed574e2afb00acf25819d85bba6e2f646f6a785ef2ffe4326bc52e5d.exe
.exe windows:4 windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 680B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ