Behavioral task
behavioral1
Sample
c70361c5f5187d013805c57b1667e9c5_JaffaCakes118.exe
Resource
win7-20240705-en
General
-
Target
c70361c5f5187d013805c57b1667e9c5_JaffaCakes118
-
Size
708KB
-
MD5
c70361c5f5187d013805c57b1667e9c5
-
SHA1
e62bec87f0f05de22b086ed7c1fb3b9fde295e70
-
SHA256
ddeed3d9b0b118f2b7220f89432707a34fd184f47d5d32bde3fb61ea2f41fbf9
-
SHA512
a4a5e9fa98cae93b3d12d419ef0423794871bd4c6e120b2a079d2605bed7ebd084d3160aaa00896b03b0e837e89695a5cd08823538842799ab61fa5ff358cb27
-
SSDEEP
12288:muQ92irZpj84UKbxX5EBuvbVwwEKar4nrWQgr/0pZ12Xx:mciTj84fp6uvbVwwEbYrWnYpq
Malware Config
Signatures
-
RevengeRat Executable 1 IoCs
Processes:
resource yara_rule sample revengerat -
Revengerat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource c70361c5f5187d013805c57b1667e9c5_JaffaCakes118
Files
-
c70361c5f5187d013805c57b1667e9c5_JaffaCakes118.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 690KB - Virtual size: 689KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 17KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ