Overview

overview

10

Static

static

10

JaffaCakes...a6.exe

windows7-x64

10

JaffaCakes...a6.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_e09299678134a7eec29bbd86d054fda6

  • Size

    557KB

  • Sample

    250110-lagvxazmbw

  • MD5

    e09299678134a7eec29bbd86d054fda6

  • SHA1

    1a03a3d92259f3f7d46f01aec44722cdc4b922a9

  • SHA256

    7e167798805bdee5d4d866d6cb0318d6469f928d6a48fb810ada076de4f3c5aa

  • SHA512

    6661eee555393fc2c3362b3d1135b207760b48840a85e4ef3277df33247cea4804408b8e3f5d681b5b8a64350f14db57f30c897c7853a16ba030c25d7ebba06b

  • SSDEEP

    12288:apkiIqsCqaXTa+dD2m4JZUXy7NlW0EJRz:apkEsHf+dCm7cNlWDJ

Score
10/10
revengeratdiscoverypersistencestealertrojan

Malware Config

Targets

    • Target

      JaffaCakes118_e09299678134a7eec29bbd86d054fda6

    • Size

      557KB

    • MD5

      e09299678134a7eec29bbd86d054fda6

    • SHA1

      1a03a3d92259f3f7d46f01aec44722cdc4b922a9

    • SHA256

      7e167798805bdee5d4d866d6cb0318d6469f928d6a48fb810ada076de4f3c5aa

    • SHA512

      6661eee555393fc2c3362b3d1135b207760b48840a85e4ef3277df33247cea4804408b8e3f5d681b5b8a64350f14db57f30c897c7853a16ba030c25d7ebba06b

    • SSDEEP

      12288:apkiIqsCqaXTa+dD2m4JZUXy7NlW0EJRz:apkEsHf+dCm7cNlWDJ

    Score
    10/10
    revengeratdiscoverypersistencestealertrojan

    • RevengeRAT

      Remote-access trojan with a wide range of capabilities.

      trojanrevengerat

    • Revengerat family

      revengerat

    • RevengeRat Executable

      stealer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks