revengerat | 69208511d6dd44ad45b8485e7eee9ce33e6bbc2cedbc2781b61f71a18ecc1533 | Triage

Sharing

General

Target

69208511d6dd44ad45b8485e7eee9ce33e6bbc2cedbc2781b61f71a18ecc1533
Size

865KB
MD5

9bf34514244260bce084d6f18e3adacd
SHA1

e2349dfbb30d156de128e4e34ce4b6bb8e004164
SHA256

69208511d6dd44ad45b8485e7eee9ce33e6bbc2cedbc2781b61f71a18ecc1533
SHA512

089ef4533b60764f532e2d3288ab9c66a7f97945847a4613714028e315586effc202aa04475f4e88ddc3fd3ff38f7e359d3f0e821a2d4cf44385c41c391e184e
SSDEEP

24576:4ebQxoHOQxLHkTyauWWtZt80OIXWtZt8:CxK7HkDuWIt8UXIt8

Score

10^/10

stealer revengerat

Malware Config

Signatures

RevengeRat Executable 1 IoCs

resource	yara_rule
sample	revengerat

Revengerat family
revengerat

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
69208511d6dd44ad45b8485e7eee9ce33e6bbc2cedbc2781b61f71a18ecc1533

Files

69208511d6dd44ad45b8485e7eee9ce33e6bbc2cedbc2781b61f71a18ecc1533
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Director\source\repos\AISongs\obj\Debug\netcoreapp3.1\AISongs.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 734KB - Virtual size: 733KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 130KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ