General
-
Target
a02bff0cc74e526d85c347f785f15fdd7d5f5470805be54306b6703fd7bf7deb
-
Size
951KB
-
Sample
240612-b9dbnaybnk
-
MD5
3d9b4a571d089a19eee10316d36dc3ac
-
SHA1
d7c149cf1f772054c33a49ef004dc7fd7d48fd69
-
SHA256
a02bff0cc74e526d85c347f785f15fdd7d5f5470805be54306b6703fd7bf7deb
-
SHA512
1c9b64313f95bf72bc3a19f07c153407ac0effc0f43b7fd1ee6edd6a1d6ab8033bfbc31b44c744284fef77b22b9502839899fe4025bb89af64d9d208abd1c97b
-
SSDEEP
24576:2AHnh+eWsN3skA4RV1HDm2KXMmHaKZT5T:Rh+ZkldDPK8YaKjT
Static task
static1
Behavioral task
behavioral1
Sample
a02bff0cc74e526d85c347f785f15fdd7d5f5470805be54306b6703fd7bf7deb.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
a02bff0cc74e526d85c347f785f15fdd7d5f5470805be54306b6703fd7bf7deb.exe
Resource
win10v2004-20240611-en
Malware Config
Extracted
revengerat
Marzo26
marzorevenger.duckdns.org:4230
RV_MUTEX-PiGGjjtnxDpn
Targets
Target
a02bff0cc74e526d85c347f785f15fdd7d5f5470805be54306b6703fd7bf7deb
Score
10/10
-
Drops startup file
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
Suspicious use of SetThreadContext
-