General

  • Target

    c85e9223f39a45884260c78b0b5d45fa_JaffaCakes118

  • Size

    1.3MB

  • Sample

    240829-hb5ftazenm

  • MD5

    c85e9223f39a45884260c78b0b5d45fa

  • SHA1

    e9b9a1d025a31a82041ab39591a02a76ced55af4

  • SHA256

    2d0d5e5d693fc60c43558582dad0e4e3970e8ea48dd4cc617e6e970632d642d3

  • SHA512

    46055f813d8361aa8897bd1fb6b9cb173332e57ed8c54e7c9c3748d3b301239e4b446eb6b437ccea9084815a4efecef007b3fec002a567d16b826ee1ef0b19e3

  • SSDEEP

    24576:Oq5TfcdHj4fmbpD2q1+Vf3oVGUG5y6zl8O3uXWVpA4yozB1B:OUTsamRxMf3oVGUGfuXYAQ

Malware Config

Targets

    • RevengeRAT

      Remote-access trojan with a wide range of capabilities.

    • RevengeRat Executable

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

MITRE ATT&CK Enterprise v15

Tasks