General

  • Target

    3fad2378feab32b6d3f8b955d98038b2_JaffaCakes118

  • Size

    18KB

  • MD5

    3fad2378feab32b6d3f8b955d98038b2

  • SHA1

    626d2a65d0c22ad510445171234d314bf93d0a2e

  • SHA256

    a62eac7125d6a8e953325e4408f6f6ab187c808f9bfc0334e4d8723fae97c021

  • SHA512

    4436ac40b5042eb768285dfdb074453a5431a145d24ec3b7211f296a00d09ec60f4fcf5a9e71ea02769df5f6598069bb8bbc2f425ddd777a168e51adb68c6cbe

  • SSDEEP

    192:cZh9iPRuyEmDYGpMtLYOzgfwN4rUMGA5+bc7+jR9nsVVI+1k1ygJtac:MhEMyRYGKtLUlxGC+bXsVK+1k1ygbac

Malware Config

Extracted

  • Family

    revengerat

  • Botnet

    Builder

  • C2

    hotkey.ddns.net:1177

  • Mutex

    RV_MUTEX-LIELecwCkjosnK

Signatures

  • RevengeRat Executable (1 IoC)
  • Revengerat family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 3fad2378feab32b6d3f8b955d98038b2_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

