General
-
Target
4924f7e800fe18026813adfc87ea4440N.exe
-
Size
951KB
-
Sample
240813-l6fmqaxejf
-
MD5
4924f7e800fe18026813adfc87ea4440
-
SHA1
6dc012c11ec9949eca8e5889902bb7275cd21263
-
SHA256
69d0d2c69fde9fae23cfb0098bb7d6266a5988bfd3119a76e448c9aba0462fb1
-
SHA512
4aa8d1c8df16851041bfdb16b33192bda6b7a44025f76a6e38bfa683af20a9e6c6dc16d32b1ca5c782b7cc7080b696d9c11de23b7827b151ba6d79be0f563cd9
-
SSDEEP
24576:2AHnh+eWsN3skA4RV1HDm2KXMmHaKZT5Q:Rh+ZkldDPK8YaKjQ
Static task
static1
Behavioral task
behavioral1
Sample
4924f7e800fe18026813adfc87ea4440N.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
4924f7e800fe18026813adfc87ea4440N.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
revengerat
Marzo26
marzorevenger.duckdns.org:4230
RV_MUTEX-PiGGjjtnxDpn
Targets
-
-
Target
4924f7e800fe18026813adfc87ea4440N.exe
-
Score
10/10
-
Drops startup file
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
Suspicious use of SetThreadContext
-