revengerat | e86fc9cf8d6286fd818a8b39400045fb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e86fc9cf8d6286fd818a8b39400045fb_JaffaCakes118
Size

150KB
MD5

e86fc9cf8d6286fd818a8b39400045fb
SHA1

37d9ce571f576804a7b51f1c9ce0cd8d47afc138
SHA256

325e0cb5a439a99797b0312111ec92fbd96d5d86ecee83481fe09b2bf57f10be
SHA512

ba15e82dd3d595d02cffdd0fc5e11995129acf55c221da4be0734d89ce502e50cf1cc0be212d2851c06cb5fc2201f419224b0020e6b6fa94e9622516764cbfdf
SSDEEP

3072:s1YEPRoip3YDYvJPbHVYOY1dZaioWEZHoj4sVf3qGba6EYE:uYAyeIDYvJPbaO4DaiLyHSb/banY

Score

10^/10

stealer revengerat

Malware Config

Signatures

RevengeRat Executable 1 IoCs

resource	yara_rule
sample	revengerat

Revengerat family
revengerat

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e86fc9cf8d6286fd818a8b39400045fb_JaffaCakes118

Files

e86fc9cf8d6286fd818a8b39400045fb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Pendriver\Crc DesckVB Rat\V2.9\My Stub\Microsoft\obj\Release\Microsoft.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 146KB - Virtual size: 145KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ