General
-
Target
d30ff7766084859f22546aca5b1932a42a0ad58df26e56c93a1081fee7112bd9
-
Size
952KB
-
Sample
240813-a5mtvsvepd
-
MD5
b2ac9181e76292c21ed85b66215c7e49
-
SHA1
45fabd926afb669cdc05ee6e8b2d2b0a12fed156
-
SHA256
d30ff7766084859f22546aca5b1932a42a0ad58df26e56c93a1081fee7112bd9
-
SHA512
ff481de3dd44a3fec9263105dc79bcacf62359fdcb1e551e304292b030788e98a29dd3bfedd43f614b0ca1f60be871bcf37998288ac8a392851af9cf3ebbf437
-
SSDEEP
24576:2AHnh+eWsN3skA4RV1HDm2KXMmHaKZT5b:Rh+ZkldDPK8YaKjb
Static task
static1
Behavioral task
behavioral1
Sample
d30ff7766084859f22546aca5b1932a42a0ad58df26e56c93a1081fee7112bd9.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
d30ff7766084859f22546aca5b1932a42a0ad58df26e56c93a1081fee7112bd9.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
revengerat
Marzo26
marzorevenger.duckdns.org:4230
RV_MUTEX-PiGGjjtnxDpn
Targets
-
-
Target
d30ff7766084859f22546aca5b1932a42a0ad58df26e56c93a1081fee7112bd9
-
Size
952KB
-
MD5
b2ac9181e76292c21ed85b66215c7e49
-
SHA1
45fabd926afb669cdc05ee6e8b2d2b0a12fed156
-
SHA256
d30ff7766084859f22546aca5b1932a42a0ad58df26e56c93a1081fee7112bd9
-
SHA512
ff481de3dd44a3fec9263105dc79bcacf62359fdcb1e551e304292b030788e98a29dd3bfedd43f614b0ca1f60be871bcf37998288ac8a392851af9cf3ebbf437
-
SSDEEP
24576:2AHnh+eWsN3skA4RV1HDm2KXMmHaKZT5b:Rh+ZkldDPK8YaKjb
Score10/10-
Drops startup file
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
Suspicious use of SetThreadContext
-