Overview

overview

10

Static

static

10

f0794d5310...18.exe

windows7-x64

6

f0794d5310...18.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f0794d5310c299d4ac102beda80eaea9_JaffaCakes118

  • Size

    24KB

  • Sample

    240415-g8sylsge94

  • MD5

    f0794d5310c299d4ac102beda80eaea9

  • SHA1

    b308cb9f762bc27ce502ae5c9ed7deab7885f028

  • SHA256

    3bf2c814ade54ce77c12ad089043709d78281e6b0433fbbd8010663e01a976b8

  • SHA512

    1c5b323f445c258a1db87621e68c479b526f72097f3025b2698a06d6c6da1f4fc5ab5967d2a09d5de5b616c174456f886f83404251f11af9c371700d742390e4

  • SSDEEP

    192:QNrAjPzOpqUg7oGtl7E3cCVLGxjMPeuxVGpwHVboitxI0:QNrAnAELb7r+u1Iu6FoizI0

Score
10/10
revengeratlimerevenge

Malware Config

Extracted

Family

revengerat

Botnet

LimeRevenge

Mutex

287-bc82-711e6d8a5a90

Targets

    • Target

      f0794d5310c299d4ac102beda80eaea9_JaffaCakes118

    • Size

      24KB

    • MD5

      f0794d5310c299d4ac102beda80eaea9

    • SHA1

      b308cb9f762bc27ce502ae5c9ed7deab7885f028

    • SHA256

      3bf2c814ade54ce77c12ad089043709d78281e6b0433fbbd8010663e01a976b8

    • SHA512

      1c5b323f445c258a1db87621e68c479b526f72097f3025b2698a06d6c6da1f4fc5ab5967d2a09d5de5b616c174456f886f83404251f11af9c371700d742390e4

    • SSDEEP

      192:QNrAjPzOpqUg7oGtl7E3cCVLGxjMPeuxVGpwHVboitxI0:QNrAnAELb7r+u1Iu6FoizI0

    Score
    6/10

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

1
T1553

Install Root Certificate

1
T1553.004

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

1
T1102

Impact

Resource Development

Reconnaissance

Tasks