General
-
Target
6498a2a5c88f5fc35f9b4d3081b96ff0N.exe
-
Size
951KB
-
Sample
240731-ewz52swdqn
-
MD5
6498a2a5c88f5fc35f9b4d3081b96ff0
-
SHA1
589498c7a2aa54e71dbdacb90d38ec3a8cda469b
-
SHA256
d03231b453198207d93dd1253a7ed388d735e46a51db307c80beee81adb5bf80
-
SHA512
257ceb43870ed3bab1dab32da7b04ec958bde8bb94f4ed2755b7ee0568438aa7081743414283c40950401b974de10922ace0e9be55252fbecc2340c3f362ff87
-
SSDEEP
24576:2AHnh+eWsN3skA4RV1HDm2KXMmHaKZT5h:Rh+ZkldDPK8YaKjh
Static task
static1
Behavioral task
behavioral1
Sample
6498a2a5c88f5fc35f9b4d3081b96ff0N.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
6498a2a5c88f5fc35f9b4d3081b96ff0N.exe
Resource
win10v2004-20240730-en
Malware Config
Extracted
revengerat
Marzo26
marzorevenger.duckdns.org:4230
RV_MUTEX-PiGGjjtnxDpn
Targets
-
-
Target
6498a2a5c88f5fc35f9b4d3081b96ff0N.exe
-
Size
951KB
-
MD5
6498a2a5c88f5fc35f9b4d3081b96ff0
-
SHA1
589498c7a2aa54e71dbdacb90d38ec3a8cda469b
-
SHA256
d03231b453198207d93dd1253a7ed388d735e46a51db307c80beee81adb5bf80
-
SHA512
257ceb43870ed3bab1dab32da7b04ec958bde8bb94f4ed2755b7ee0568438aa7081743414283c40950401b974de10922ace0e9be55252fbecc2340c3f362ff87
-
SSDEEP
24576:2AHnh+eWsN3skA4RV1HDm2KXMmHaKZT5h:Rh+ZkldDPK8YaKjh
Score10/10-
Drops startup file
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
Suspicious use of SetThreadContext
-