General

  • Target

    f505850a106a302f7a4ae64686ed7137_JaffaCakes118

  • Size

    177KB

  • MD5

    f505850a106a302f7a4ae64686ed7137

  • SHA1

    6f78c054be779ea4cbcd6100e9f4004dd1d65fed

  • SHA256

    6fa664b3e6255c4f32e6142aa9c23d968e9b1ec58efab5ff1bb30601d08c77cc

  • SHA512

    24c587db202660e8a8d571a3c8cf9667dc9af49046effaedf3318dbfbc91ed9db1d89b47bdd44197a8e4e155e6849b6688cdb89633daeb4d7a7d75bfa5c98bd0

  • SSDEEP

    768:/JUkZ5upgG1i6tTBcdAHZk8ZwLYbDG96e9l:p5SU6vIuk8ZbyFl

Malware Config

Extracted

Family

revengerat

Botnet

Guest

C2

coelhinhohacker.ddns.net:4040

Mutex

RV_MUTEX-uClgZblRvZwfRt

Signatures

  • RevengeRat Executable 1 IoCs
  • Revengerat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • f505850a106a302f7a4ae64686ed7137_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

