General
Target
Client.exe
Size
16KB
MD5
94d5b8d4696dd2db0e62fedf24b7070c
SHA1
7affa1b18e9bf047514b652e0c863402cae2e80d
SHA256
b1fc7fffdccedc610ca8bf87d30224011714274447e2bfa469171ec5e8027de4
SHA512
4c06c1cdcf4e7867bdab42c0fd4d1ac16d8aa238e8c1a9e73166c0281ddadb596cb3c8f194257aff923ce8579358ffffab4f9d08e934215c8e78fd488b4893a8
SSDEEP
384:Te/5gtLhlVD/Ng7b9oDPlMNcLlb5sVKXyI5Ct:Te/5gphlVhWclMNEJo
Malware Config
Extracted
revengerat
TrapNET
44.33.44.33:333
67REeserssee3
Signatures
RevengeRat Executable 1 IoCs
resource: sample
yara_rule: revengerat
Revengerat family
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource: Client.exe
Files
Client.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 15KB - Virtual size: 15KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ