General
Target
497b131d44ec80e0c070fb3cd21ae94947c258d927fd8ba33ffb45a98bf79dcf
Size
903KB
Sample
240331-z68kdsce6w
MD5
c798f216b23ba1352ab755b677c0ccee
SHA1
5d6ce43ddeede767f7b2e87b7c86488ab4ee866b
SHA256
497b131d44ec80e0c070fb3cd21ae94947c258d927fd8ba33ffb45a98bf79dcf
SHA512
e00a06ce94d2cb939b6048a4b0e4dbb91ad838ab0c270354be7bd6b19d3573981abec9cd011c69818708257b87f741a45fbadf3ae4bde21d20713a9f0d9bc649
SSDEEP
24576:ZAHnh+eWsN3skA4RV1Hom2KXMmHaKZa5P:gh+ZkldoPK8YaKGP
Static task
static1
Behavioral task
behavioral1
Sample
497b131d44ec80e0c070fb3cd21ae94947c258d927fd8ba33ffb45a98bf79dcf.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
497b131d44ec80e0c070fb3cd21ae94947c258d927fd8ba33ffb45a98bf79dcf.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
revengerat
Marzo26
marzorevenger.duckdns.org:4230
RV_MUTEX-PiGGjjtnxDpn
Targets
Target
497b131d44ec80e0c070fb3cd21ae94947c258d927fd8ba33ffb45a98bf79dcf
Score
10/10
Drops startup file
Suspicious use of SetThreadContext