General
Target: e5d05d5bcd0dca55887b970a36448056b1e321a2efaecd70b57dd1fd74447fc8
Size: 951KB
Sample: 240627-bj2lkavaph
MD5: c5bee290da758bd2d32dadfd7d5b93ed
SHA1: 12f8bec54aba4efd37213970953fd3b47adcf2cc
SHA256: e5d05d5bcd0dca55887b970a36448056b1e321a2efaecd70b57dd1fd74447fc8
SHA512: bf91e8ecf70618ad3f8fbf17d12e71f0c970081963690a392dbbeb044e04b95c5217cba07bd7488a9ddb057597ac71a628ea87bca62120774db5ba834800b334
SSDEEP: 24576:2AHnh+eWsN3skA4RV1HDm2KXMmHaKZT5x:Rh+ZkldDPK8YaKjx
Static task: static1
Behavioral task: behavioral1
Sample: e5d05d5bcd0dca55887b970a36448056b1e321a2efaecd70b57dd1fd74447fc8.exe
Resource: win7-20240611-en
Behavioral task: behavioral2
Sample: e5d05d5bcd0dca55887b970a36448056b1e321a2efaecd70b57dd1fd74447fc8.exe
Resource: win10v2004-20240611-en
Malware Config
Extracted
revengerat
Marzo26
marzorevenger.duckdns.org:4230
RV_MUTEX-PiGGjjtnxDpn
Targets
Score: 10/10
Drops startup file
AutoIT Executable: AutoIT scripts compiled to PE executables.
Suspicious use of SetThreadContext