General
-
Target
9bdc6f0dd016c900603d657e1e64cdbe_JaffaCakes118
-
Size
16KB
-
MD5
9bdc6f0dd016c900603d657e1e64cdbe
-
SHA1
67bd71301246fa33b916322f0bd594cb1ede6d29
-
SHA256
ed7c7b0532ef7edc3a22795f2d5d60cbd7c7a3ffda4f1810e3b8295ca2fe0bf5
-
SHA512
bbd1ac4c13b47ae76698dfc296aa24e1975a1d9cebf7b1026b7622f4eafab4bac9fead8c20ced5715b3ff664f7ebf6d08ff8609011e3b68fa88713d7e69f323c
-
SSDEEP
384:hpi1PKtl50TsvT9bVNc2lb5svIuyx5Ct:hpi1PKtlMeVVN3Jo
Score
10/10
Malware Config
Extracted
Family
revengerat
Botnet
Guest
C2
0.tcp.ngrok.io:10068
0.tcp.ngrok.io:7896
192.168.40.100:10068
192.168.40.100:7896
Mutex
RV_MUTEX
Signatures
-
RevengeRat Executable 1 IoCs
-
Revengerat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
9bdc6f0dd016c900603d657e1e64cdbe_JaffaCakes118
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections