General
Target: cc58e4888bfaa19402ae4b0b341067f9a32705120e975a54411b819f99879c00
Size: 902KB
Sample: 240401-cfrsmaah85
MD5: b23c7339d04c80961acf35dce69041c1
SHA1: f9d5cf6b7f8f4e5db37da227401b2ac5ca77f18a
SHA256: cc58e4888bfaa19402ae4b0b341067f9a32705120e975a54411b819f99879c00
SHA512: 7063c333879721f64e83ba7a435fa7056a33a7eb39a7067a6c62542b8a3b90b8ab583e26d3731921c037bf15e930309e64e8071e5c09f91af639e3fbffc64e9a
SSDEEP: 24576:ZAHnh+eWsN3skA4RV1Hom2KXMmHaKZa55:gh+ZkldoPK8YaKG5
Static task: static1
Behavioral task: behavioral1
Sample: cc58e4888bfaa19402ae4b0b341067f9a32705120e975a54411b819f99879c00.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: cc58e4888bfaa19402ae4b0b341067f9a32705120e975a54411b819f99879c00.exe
Resource: win10v2004-20240226-en
Malware Config
Extracted
revengerat
Marzo26
marzorevenger.duckdns.org:4230
RV_MUTEX-PiGGjjtnxDpn
Targets
Target: cc58e4888bfaa19402ae4b0b341067f9a32705120e975a54411b819f99879c00
Score: 10/10
Drops startup file
Suspicious use of SetThreadContext