General

  • Target

    c790902fad99bd96b57f5c154c68af06_JaffaCakes118

  • Size

    16KB

  • MD5

    c790902fad99bd96b57f5c154c68af06

  • SHA1

    c4e0ae3c3b1c68aa7dc70be48d1d692ddf4bebd7

  • SHA256

    c3ce6ec95166597c6d7eb1c76446ac0efc8c52f77262329bb33b76df4bab72dd

  • SHA512

    42b76828ac49ea4f7f1f1a4817de463ede64f561713c7507e77b4406580e07bb7fe396039b67de64061a7a1b4d6ae78747149f02cec6dc705dd0e3fdeb8ca49f

  • SSDEEP

    384:oJfTZMRYiVdf2QyYIz9muhNculb5s3f0byy5Ct:oJfTZMRYiVdu3hwuhNfoAo

Malware Config

Extracted

Family

revengerat

Botnet

Guest

C2

0.tcp.ngrok.io:9753

Mutex

RV_MUTEX

Signatures

  • RevengeRat Executable 1 IoCs
  • Revengerat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • c790902fad99bd96b57f5c154c68af06_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

