General
Target: ClientRAR..exe
Size: 18KB
MD5: feb8a94fcd8951702a69147a72bd9567
SHA1: 403ef192d9219a4c0aaf27d613ad5947f8223c35
SHA256: 119ad3c2e113cf060c4152600850590ecac381cb8cb61adbec03aab0089dfcb1
SHA512: ef1d045372a339e83727bedc2a002a7d4b9471e20ef2b2136ab111ee4e0530f65ff9aa3e81130f04d634304a949d2b2bdf8f7754c1bddb8d848a5339ece17e0a
SSDEEP: 384:JHTpLmvRPJnMi3LauzoxEtbrsxI9DDyQBl:JHTpWL5HxT3
Malware Config
Extracted
revengerat
TrapNET
amiexposed.lol:5050
67REeserss
Signatures
RevengeRat Executable 1 IoCs
resource yara_rule sample revengerat
Revengerat family
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ClientRAR..exe
Files
ClientRAR..exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 17KB - Virtual size: 16KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ