General
-
Target
ec5e8fae03abc7bdc05ba8a7af1d94da7854337627e52bd5271cb43f3bce703b
-
Size
951KB
-
Sample
240702-fjyl5a1all
-
MD5
128ad520ab4981509d21f7736cac72d4
-
SHA1
34de2a82e3a15fa81f1f5113631761190bd5e808
-
SHA256
ec5e8fae03abc7bdc05ba8a7af1d94da7854337627e52bd5271cb43f3bce703b
-
SHA512
29226e69b6317b4b9d55155e1aed321901cf6c0fe9bdb7931be2b0ebf7ab432774fe9279d29252f3352bf9089bf9ae0492c5b1bd8e3489244bc21abb09c68f2e
-
SSDEEP
24576:2AHnh+eWsN3skA4RV1HDm2KXMmHaKZT5F:Rh+ZkldDPK8YaKjF
Static task
static1
Behavioral task
behavioral1
Sample
ec5e8fae03abc7bdc05ba8a7af1d94da7854337627e52bd5271cb43f3bce703b.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
ec5e8fae03abc7bdc05ba8a7af1d94da7854337627e52bd5271cb43f3bce703b.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
revengerat
Marzo26
marzorevenger.duckdns.org:4230
RV_MUTEX-PiGGjjtnxDpn
Targets
-
Target
ec5e8fae03abc7bdc05ba8a7af1d94da7854337627e52bd5271cb43f3bce703b
-
Score
10/10
-
Drops startup file
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
Suspicious use of SetThreadContext
-