Extracted

• • Target

    f620cd8901cd04cff78e05aa10cd2685_JaffaCakes118

  • Size

    17KB

  • MD5

    f620cd8901cd04cff78e05aa10cd2685

  • SHA1

    a7f977496659b59c898bf9417be035899d4cdfc8

  • SHA256

    9efab4037a6642d39a7abf3c5e561a91d350017b0dc2c1b3929e2655686dd330

  • SHA512

    fb555458dee028f7bdf7c2dc6a772982e8f7fd72ab504509e3d6cdd21cb872ff898487ce82c3d31d689ee9c7600e314f879de4b18265be779d545a441ee195b6

  • SSDEEP

    384:nJ7Jt6iJXyhIlVTIPIvnbispo2qycLu2s2:nJ7JtzCqdIomZa2

  Score

  10^/10

  revengeratmikoedpersistencestealertrojan

  • RevengeRAT

    Remote-access trojan with a wide range of capabilities.

    trojanrevengerat

  • RevengeRat Executable

    stealer

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Drops startup file

  • Executes dropped EXE

  • Adds Run key to start application

    persistence
  behavioral1behavioral2