General

  • Target

    88271db3546e63f0b5a769299165d230df7794aea1871f392cef9c074a068e9a.exe

  • Size

    17KB

  • MD5

    fc3d3b3c17850259571533e6cf2e8880

  • SHA1

    f4a0c78798da0868741c160326866192be448939

  • SHA256

    88271db3546e63f0b5a769299165d230df7794aea1871f392cef9c074a068e9a

  • SHA512

    9b2ca105f21f8e751098efc03bf4501fdb868223116ba455f492491359b9766bd4854537fdbff7a265ab91412e0f00baaa00cf0abb9fe7bc67c1f25f574e419a

  • SSDEEP

    384:6ClfEbMFEcg53vRPJnMZUCG4A3DBXM0sXu5syswG9:pflFWOUPFt0J

Score
10/10

Malware Config

Extracted

Family

revengerat

Botnet

SPAM

C2

kilimanjaro.cloudns.nz:8811

kilimanjaro.run.place:8811

kilimanjaro.crabdance.com:8811

kilimanjaro.bigmoney.biz:8811

kilimanjaro.theworkpc.com:8811

burkinafaso.duckdns.org:8811

Mutex

RV_MUTEX-GYuaWVCGnhpCsG

Signatures

  • RevengeRat Executable 1 IoCs
  • Revengerat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 88271db3546e63f0b5a769299165d230df7794aea1871f392cef9c074a068e9a.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

