revengerat | b6b4e1c4ec307bb547181dd4f485706a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b6b4e1c4ec307bb547181dd4f485706a_JaffaCakes118
Size

847KB
MD5

b6b4e1c4ec307bb547181dd4f485706a
SHA1

f070489b40f1c1420bb9525c0e98f94ab4bd9085
SHA256

4703ee39ff62cb251299b25f3470e7e8ed47f40d3d2eee6982648a1aa8d2f4f4
SHA512

befced49a8c4599eabcab8c2385caded18a5dc25867c9b47dd804e94d22872b68cae3f44e060b63f340b542cf30c18adc431142c08388328ed31074e307c1a14
SSDEEP

12288:Nh+asija5ILhBsfK5lSywI2/2OCRT5AH/fHQCK1A4GAs7cOCN5kPyG5:NLaKLKfywI2+9e/fHHz4Gp7cOCN/a

Score

10^/10

stealer revengerat

Malware Config

Signatures

RevengeRat Executable 1 IoCs

resource	yara_rule
sample	revengerat

Revengerat family
revengerat

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b6b4e1c4ec307bb547181dd4f485706a_JaffaCakes118

Files

b6b4e1c4ec307bb547181dd4f485706a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\tuann\OneDrive\Source\PSEO\PSEO\PSEO\obj\Debug\PSEO.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 827KB - Virtual size: 826KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ