General
-
Target
4703bcbdb4f49ed1707c9c520c27c27cd32ec820fa70b39d7f4f9be8de8573de
-
Size
951KB
-
Sample
240701-z29a5atfjm
-
MD5
a998ea7475bf99b8ac25c8ffeb47bb5e
-
SHA1
2daa32e2da9d58a8b28cf70fc56c870896f3ff2d
-
SHA256
4703bcbdb4f49ed1707c9c520c27c27cd32ec820fa70b39d7f4f9be8de8573de
-
SHA512
bb67c96b0f45b66d0476bd5d6c31eea54420431c6ca18e67eb2655c3314cc05d91b3d5d8d58781c64191bd2335da17a78eed79b3faaf3f2bc07c2e6c2e4dd421
-
SSDEEP
24576:2AHnh+eWsN3skA4RV1HDm2KXMmHaKZT5h:Rh+ZkldDPK8YaKjh
Static task
static1
Behavioral task
behavioral1
Sample
4703bcbdb4f49ed1707c9c520c27c27cd32ec820fa70b39d7f4f9be8de8573de.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
4703bcbdb4f49ed1707c9c520c27c27cd32ec820fa70b39d7f4f9be8de8573de.exe
Resource
win10v2004-20240611-en
Malware Config
Extracted
revengerat
Marzo26
marzorevenger.duckdns.org:4230
RV_MUTEX-PiGGjjtnxDpn
Targets
-
-
Target
4703bcbdb4f49ed1707c9c520c27c27cd32ec820fa70b39d7f4f9be8de8573de
-
Size
951KB
-
MD5
a998ea7475bf99b8ac25c8ffeb47bb5e
-
SHA1
2daa32e2da9d58a8b28cf70fc56c870896f3ff2d
-
SHA256
4703bcbdb4f49ed1707c9c520c27c27cd32ec820fa70b39d7f4f9be8de8573de
-
SHA512
bb67c96b0f45b66d0476bd5d6c31eea54420431c6ca18e67eb2655c3314cc05d91b3d5d8d58781c64191bd2335da17a78eed79b3faaf3f2bc07c2e6c2e4dd421
-
SSDEEP
24576:2AHnh+eWsN3skA4RV1HDm2KXMmHaKZT5h:Rh+ZkldDPK8YaKjh
Score10/10-
Drops startup file
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
Suspicious use of SetThreadContext
-