General
Target: 735d8bdf4f1b98fbe2c190f165dbe56756053a20b24f96b0d10bf9f2999ff0f7
Size: 902KB
Sample: 240309-23yxwsdh9t
MD5: 22c8dd16840503effd656c05d7ff0c71
SHA1: 196eb47f9abb6b0b4495a2f4f1fd032023bc953c
SHA256: 735d8bdf4f1b98fbe2c190f165dbe56756053a20b24f96b0d10bf9f2999ff0f7
SHA512: f19bb02f7a87ac2763c7264ea88f18eefceebd329112c4eadb568609498674c68d8e5aa51edf4ecbfaace711b3cdebb34ece2452bbaa51e095acbae971172434
SSDEEP: 24576:ZAHnh+eWsN3skA4RV1Hom2KXMmHaKZa5y:gh+ZkldoPK8YaKGy
Static task: static1
Behavioral task: behavioral1
Sample: 735d8bdf4f1b98fbe2c190f165dbe56756053a20b24f96b0d10bf9f2999ff0f7.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 735d8bdf4f1b98fbe2c190f165dbe56756053a20b24f96b0d10bf9f2999ff0f7.exe
Resource: win10v2004-20240226-en
Malware Config
Extracted
revengerat
Marzo26
marzorevenger.duckdns.org:4230
RV_MUTEX-PiGGjjtnxDpn
Targets
Target: 735d8bdf4f1b98fbe2c190f165dbe56756053a20b24f96b0d10bf9f2999ff0f7
Score: 10/10
Drops startup file
Suspicious use of SetThreadContext