General

  • Target

    1f5ea06e1c469341653dbec2e519e573_JaffaCakes118

  • Size

    16KB

  • Sample

    240728-x7wacavaja

  • MD5

    1f5ea06e1c469341653dbec2e519e573

  • SHA1

    37284c7805b0044e2c8f7a1ebf486f53c1c8721e

  • SHA256

    6e583adac8898dc310ba84f6feb3c1c3582ca89b36297cf797959b7763964a10

  • SHA512

    ce2b81f253499f95f2b430713978e76393219472d80806cb4ef6df6d3d2ecccd03bfcbe851e2c16fbaa8a02d6ad7cc10804f3cea36cbf1dbf0b7c32df8697d7a

  • SSDEEP

    384:52/mDvD2lVzGOGUn9muhNculb5s1AwiNym5Ct:52/mDvD2lVt3wuhNfSso

Malware Config

Extracted

  • Family

    revengerat

  • Botnet

    PARROT-SECURITY

  • C2

    2.tcp.ngrok.io:18683

  • Mutex

    RV_MUTEX-krWydXrPoStk

Targets

    • Target

      1f5ea06e1c469341653dbec2e519e573_JaffaCakes118

    Score
    6/10
    • Legitimate hosting services abused for malware hosting/C2
