General
-
Target
8ff372de79d40ec580da28b48264fffd5a7ad4b3faae03c935f8fe9dde5c106b
-
Size
903KB
-
Sample
240621-a84lsayamj
-
MD5
bf6258ab209ad7f28278d9b5365059e4
-
SHA1
90e46b379c6a8c0f28a7f5706defd95cf57d3ae3
-
SHA256
8ff372de79d40ec580da28b48264fffd5a7ad4b3faae03c935f8fe9dde5c106b
-
SHA512
87ad3dd495e096dc410e08f3c6fbaebe0a5018bfffff224bab3b1a3a3dfdbf4e472065b33aaa4fa334ae151f7b2c41181d028689e95caafd70e36b0cbf6fc155
-
SSDEEP
24576:ZAHnh+eWsN3skA4RV1Hom2KXMmHaKZa5y:gh+ZkldoPK8YaKGy
Static task
static1
Behavioral task
behavioral1
Sample
8ff372de79d40ec580da28b48264fffd5a7ad4b3faae03c935f8fe9dde5c106b.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
8ff372de79d40ec580da28b48264fffd5a7ad4b3faae03c935f8fe9dde5c106b.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
revengerat
Marzo26
marzorevenger.duckdns.org:4230
RV_MUTEX-PiGGjjtnxDpn
Targets
-
-
Target
8ff372de79d40ec580da28b48264fffd5a7ad4b3faae03c935f8fe9dde5c106b
-
Size
903KB
-
MD5
bf6258ab209ad7f28278d9b5365059e4
-
SHA1
90e46b379c6a8c0f28a7f5706defd95cf57d3ae3
-
SHA256
8ff372de79d40ec580da28b48264fffd5a7ad4b3faae03c935f8fe9dde5c106b
-
SHA512
87ad3dd495e096dc410e08f3c6fbaebe0a5018bfffff224bab3b1a3a3dfdbf4e472065b33aaa4fa334ae151f7b2c41181d028689e95caafd70e36b0cbf6fc155
-
SSDEEP
24576:ZAHnh+eWsN3skA4RV1Hom2KXMmHaKZa5y:gh+ZkldoPK8YaKGy
Score10/10-
Drops startup file
-
Suspicious use of SetThreadContext
-