General

  • Target

    3fee95c4881efb494dda1d22181402d7_JaffaCakes118

  • Size

    1.4MB

  • Sample

    240513-rtvh1abb49

  • MD5

    3fee95c4881efb494dda1d22181402d7

  • SHA1

    317db82aa26e8c19e518b36d9a8cb747d992c501

  • SHA256

    2cf78da58e96f4f7cd8593757857979463d0bcc8bb13a942f0344a7ef471a63c

  • SHA512

    29aa5d10dd6a08aab2fcdf80d0b0d7322660d9decdb95270c306098f7ed5645d915c97bef7f2311534c47f5d258b6b52797409be4cd872b640b9b7fc636cb45a

  • SSDEEP

    24576:Lq5TfcdHj4fmbv2qZEzKJ9TtrJLnU88MYtWYQYPx00zQJ9TtFzLnUwvSYtWYoYPv:LUTsamTx75/YtWYQYPC5KYtWYoYPv

Targets

    • RevengeRAT

      Remote-access trojan with a wide range of capabilities.

    • RevengeRat Executable

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.
