General

  • Target

    1f5ea06e1c469341653dbec2e519e573_JaffaCakes118

  • Size

    16KB

  • MD5

    1f5ea06e1c469341653dbec2e519e573

  • SHA1

    37284c7805b0044e2c8f7a1ebf486f53c1c8721e

  • SHA256

    6e583adac8898dc310ba84f6feb3c1c3582ca89b36297cf797959b7763964a10

  • SHA512

    ce2b81f253499f95f2b430713978e76393219472d80806cb4ef6df6d3d2ecccd03bfcbe851e2c16fbaa8a02d6ad7cc10804f3cea36cbf1dbf0b7c32df8697d7a

  • SSDEEP

    384:52/mDvD2lVzGOGUn9muhNculb5s1AwiNym5Ct:52/mDvD2lVt3wuhNfSso

Malware Config

Extracted

Family

revengerat

Botnet

PARROT-SECURITY

C2

2.tcp.ngrok.io:18683

Mutex

RV_MUTEX-krWydXrPoStk

Signatures

  • RevengeRat Executable 1 IoCs
  • Revengerat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1f5ea06e1c469341653dbec2e519e573_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

