General
-
Target
f46d3e395e2fd75cef0818548cbeda40N.exe
-
Size
951KB
-
Sample
240720-wbe3tavbqa
-
MD5
f46d3e395e2fd75cef0818548cbeda40
-
SHA1
c3997a9b37ba6e959fab532f04a59e608caf1b0d
-
SHA256
09014ccbae7b46846e4aab135f51a94ee9c75a6648d4e0779f471acda8936cfb
-
SHA512
a7e49dc8929e1bdb4831bcee3a57b6bfa3059c8d74469caf80f72f8ca06d2f6f3aa332212f2e16a128d3ca32c4710378720acec9b543f88573dc67a26b55f820
-
SSDEEP
24576:2AHnh+eWsN3skA4RV1HDm2KXMmHaKZT5F:Rh+ZkldDPK8YaKjF
Static task
static1
Behavioral task
behavioral1
Sample
f46d3e395e2fd75cef0818548cbeda40N.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
f46d3e395e2fd75cef0818548cbeda40N.exe
Resource
win10v2004-20240704-en
Malware Config
Extracted
revengerat
Marzo26
marzorevenger.duckdns.org:4230
RV_MUTEX-PiGGjjtnxDpn
Targets
-
-
Target
f46d3e395e2fd75cef0818548cbeda40N.exe
-
Size
951KB
-
MD5
f46d3e395e2fd75cef0818548cbeda40
-
SHA1
c3997a9b37ba6e959fab532f04a59e608caf1b0d
-
SHA256
09014ccbae7b46846e4aab135f51a94ee9c75a6648d4e0779f471acda8936cfb
-
SHA512
a7e49dc8929e1bdb4831bcee3a57b6bfa3059c8d74469caf80f72f8ca06d2f6f3aa332212f2e16a128d3ca32c4710378720acec9b543f88573dc67a26b55f820
-
SSDEEP
24576:2AHnh+eWsN3skA4RV1HDm2KXMmHaKZT5F:Rh+ZkldDPK8YaKjF
Score10/10-
Drops startup file
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
Suspicious use of SetThreadContext
-