General

  • Target

    JaffaCakes118_7a2028a2ec36eb8cd47f9c62d5d2f580

  • Size

    578KB

  • Sample

    250104-rhvdvsspgs

  • MD5

    7a2028a2ec36eb8cd47f9c62d5d2f580

  • SHA1

    3e639c1209d81cbb9be4c5fc4ddd4b942e0d97da

  • SHA256

    a7076691e7f7c664382465fe474ce5f186a730ea60a0ecf2623a88ab64bdeeb6

  • SHA512

    00d6da4735fde6b552487e55ee33cbcf7e071bcaebf5352c1a4f3b28ba79d08e3a404b3a4b2503cc9d6c8692e195d118dc23969d235fb85cbd96dcadcaaeeb89

  • SSDEEP

    6144:bKlx3FcfCElJk125U8SpVUagDsvb6mgmw4sFfTysVufBn597NX2H:boVcfXlJkE5YVUjuOjysgfBnnl2H

Targets

    • Target

      JaffaCakes118_7a2028a2ec36eb8cd47f9c62d5d2f580

    • RevengeRAT

      Remote-access trojan with a wide range of capabilities.

    • Revengerat family

    • RevengeRat Executable

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL
