revengerat | fd417acca6c0930c5f7657083ce417f6_JaffaCakes118 | Triage

Sharing

General

Target

fd417acca6c0930c5f7657083ce417f6_JaffaCakes118
Size

149KB
MD5

fd417acca6c0930c5f7657083ce417f6
SHA1

cdf67da375fd93c93655d7c2de47dedb5b18d1ba
SHA256

ce4f49c2bec023441edee2ba6c91dfaab326febd80f0db120e0d793a1f0ba3ab
SHA512

27779610b48250f3f9e5ea1baeb9fdbecaa4ad0e7726b50a3d4b52dea40cc8643e3662342b61566ef64c16015b9c75009c60aa382d94a3c238282298d192c352
SSDEEP

3072:9G2Gdbl+xjXwHBTY+se4tbmtU1AbK0szGwEic2aN9wXRh7hDu83NZkEk+T6:whF2w9GsEfW

Score

10^/10

stealer revengerat

Malware Config

Signatures

RevengeRat Executable 1 IoCs

resource	yara_rule
sample	revengerat

Revengerat family
revengerat

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fd417acca6c0930c5f7657083ce417f6_JaffaCakes118

Files

fd417acca6c0930c5f7657083ce417f6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\VBNET\MC1.6启动器\MC1.6启动器\obj\Release\MCLauncherBN.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ