General
-
Target
db4e884737e9eb63f7f9f28fee26e47b3750516556d006131a2f800dcf70b6f4
-
Size
904KB
-
Sample
240702-enkqdsyejp
-
MD5
f44df7afe62eb83b7853397406fe61f8
-
SHA1
e4a832f01de003995ce5157d70927e77d1fad19e
-
SHA256
db4e884737e9eb63f7f9f28fee26e47b3750516556d006131a2f800dcf70b6f4
-
SHA512
12879b9343d227885d344cf5c0e1d99baaf197dd6877106e7666901961963ee4fe0b0dd1358f644aaf155cf4443196f993addabb715c992334b892bb2777de8b
-
SSDEEP
24576:ZAHnh+eWsN3skA4RV1Hom2KXMmHaKZa5o:gh+ZkldoPK8YaKGo
Malware Config
Extracted
revengerat
Marzo26
marzorevenger.duckdns.org:4230
RV_MUTEX-PiGGjjtnxDpn
Targets
-
-
Target
db4e884737e9eb63f7f9f28fee26e47b3750516556d006131a2f800dcf70b6f4
-
Size
904KB
-
MD5
f44df7afe62eb83b7853397406fe61f8
-
SHA1
e4a832f01de003995ce5157d70927e77d1fad19e
-
SHA256
db4e884737e9eb63f7f9f28fee26e47b3750516556d006131a2f800dcf70b6f4
-
SHA512
12879b9343d227885d344cf5c0e1d99baaf197dd6877106e7666901961963ee4fe0b0dd1358f644aaf155cf4443196f993addabb715c992334b892bb2777de8b
-
SSDEEP
24576:ZAHnh+eWsN3skA4RV1Hom2KXMmHaKZa5o:gh+ZkldoPK8YaKGo
Score10/10-
RevengeRAT
Remote-access trojan with a wide range of capabilities.
-
Drops startup file
-
Suspicious use of SetThreadContext
-