General
Target: 9edad4c8e6bd457ee586c27f77f894833e9f61e8067c335b0db0a157872f255b
Size: 903KB
Sample: 240702-bhsl9s1cmd
MD5: b4d89f92c0d674a3c3dd861a302716f4
SHA1: cd7f9297f3ca1d72dff9c3d458457df3205def68
SHA256: 9edad4c8e6bd457ee586c27f77f894833e9f61e8067c335b0db0a157872f255b
SHA512: 6e720a47b7b7b4056f6624f1bc61a5c13ec07341702f6f04eac94acd3b9a99c783903b63681e87fe1b7cd97717b18c869565652a4268341d40ea0af8fb23c748
SSDEEP: 24576:ZAHnh+eWsN3skA4RV1Hom2KXMmHaKZa5Y:gh+ZkldoPK8YaKGY
Static task: static1
Behavioral task: behavioral1
Sample: 9edad4c8e6bd457ee586c27f77f894833e9f61e8067c335b0db0a157872f255b.exe
Resource: win7-20240220-en
Behavioral task: behavioral2
Sample: 9edad4c8e6bd457ee586c27f77f894833e9f61e8067c335b0db0a157872f255b.exe
Resource: win10v2004-20240508-en
Malware Config
Extracted
revengerat
Marzo26
marzorevenger.duckdns.org:4230
RV_MUTEX-PiGGjjtnxDpn
Targets
Target: 9edad4c8e6bd457ee586c27f77f894833e9f61e8067c335b0db0a157872f255b
Score: 10/10
Drops startup file
Suspicious use of SetThreadContext