General
-
Target
fc23e27b99eba6f87b0e7cbd0fa8ead4fbc46f92388d70c75896a5a585e42428
-
Size
903KB
-
Sample
240402-e91czagg7v
-
MD5
355a194123e5b16bb532b8808489e0d8
-
SHA1
e61e197d4ba16dd72bd40e61b5e93447b9ad3623
-
SHA256
fc23e27b99eba6f87b0e7cbd0fa8ead4fbc46f92388d70c75896a5a585e42428
-
SHA512
1eabfbf3ae0c5b5c217be23cb3ed0c9bf3e286c1aa7d98804f2022c0945d5913f765cbfe75757365c4b9715d267cfe87186a1a59613b90fb534be469277db788
-
SSDEEP
24576:ZAHnh+eWsN3skA4RV1Hom2KXMmHaKZa5D:gh+ZkldoPK8YaKGD
Static task
static1
Behavioral task
behavioral1
Sample
fc23e27b99eba6f87b0e7cbd0fa8ead4fbc46f92388d70c75896a5a585e42428.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
fc23e27b99eba6f87b0e7cbd0fa8ead4fbc46f92388d70c75896a5a585e42428.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
revengerat
Marzo26
marzorevenger.duckdns.org:4230
RV_MUTEX-PiGGjjtnxDpn
Targets
Target
fc23e27b99eba6f87b0e7cbd0fa8ead4fbc46f92388d70c75896a5a585e42428
Score
10/10
-
Drops startup file
-
Suspicious use of SetThreadContext
-