Overview

overview

10

Static

static

10

d70017e8f5...18.exe

windows7-x64

10

d70017e8f5...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d70017e8f5ddabf929afb1d001630387_JaffaCakes118

  • Size

    17KB

  • MD5

    d70017e8f5ddabf929afb1d001630387

  • SHA1

    e011f34109a0185fd5bb59fde048d1bf7034da47

  • SHA256

    db65280d39d7bec4b985279f393746e63b1298459d72012e63e94947b49e516d

  • SHA512

    3cba6acb676ba10842d2525dc22b3c803896628982d238934796a4ff85c277cec2f8a42a6e670932749110d1f445f7e7fcc3235f80f313b6b189cbb0b22ff60f

  • SSDEEP

    384:fsTbhGnq1JXsoEIPJvnbisVKwMy+Lu2s2:fsTb+a5kIRmza2

Score
10/10
stealergodsplanrevengerat

Malware Config

Extracted

Family

revengerat

Botnet

GodsPlan

C2

127.0.0.1:333

127.0.0.1:4040

69.87.219.76:333

69.87.219.76:4040
Mutex

RV_MUTEX

Signatures

  • RevengeRat Executable 1 IoCs
    stealer
  • Revengerat family
    revengerat
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • d70017e8f5ddabf929afb1d001630387_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections