General
-
Target
9f006d71eeedec8f39163bafb61feda58e8db8e1e87215606dfc4d48ae464b4a.exe
-
Size
17KB
-
MD5
b0a6e361a3489d4ed456c6722fe6922a
-
SHA1
b6929310253ef798b416e33efeb968c85bb9425a
-
SHA256
9f006d71eeedec8f39163bafb61feda58e8db8e1e87215606dfc4d48ae464b4a
-
SHA512
bd426911eeddba14810b88fc4b828edb80596671e8a8a2bb5013fb38860a87de01a615e70a12a25acbf9cfca567b164133d4f7ba94a6483d4b48e8b2055c1e6d
-
SSDEEP
384:6ClfEbMFEcg53vRPJnMZUCG4A3DBXM0sXu5syswG9M:pflFWOUPFt0J2
Score
10/10
Malware Config
Extracted
Family
revengerat
Botnet
SPAM
C2
kilimanjaro.cloudns.nz:8811
kilimanjaro.run.place:8811
kilimanjaro.crabdance.com:8811
kilimanjaro.bigmoney.biz:8811
kilimanjaro.theworkpc.com:8811
burkinafaso.duckdns.org:8811
Mutex
RV_MUTEX-GYuaWVCGnhpCsG
Signatures
-
RevengeRat Executable 1 IoCs
-
Revengerat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
9f006d71eeedec8f39163bafb61feda58e8db8e1e87215606dfc4d48ae464b4a.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections