General
Target: 053d34daddd31baa15adcb049da9dab0N.exe
Size: 951KB
Sample: 240813-pbp5fsselc
MD5: 053d34daddd31baa15adcb049da9dab0
SHA1: 6bc84a0842ba30ed680d99246b0d18d270833f69
SHA256: 4a0b5e28393f0458ed6b0d673f558f76a602a462f2f69ee1f01bc90e4a6a2a59
SHA512: 4341197b2f017d6901fc0ac42025265f0c70564f08141eebcdfe70003b13015f5384d520f8db8f3dc868c604120a9482520dfc29aedb131a0a75e9c91d9e8606
SSDEEP: 24576:2AHnh+eWsN3skA4RV1HDm2KXMmHaKZT5z:Rh+ZkldDPK8YaKjz
Static task: static1
Behavioral task: behavioral1
Sample: 053d34daddd31baa15adcb049da9dab0N.exe
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: 053d34daddd31baa15adcb049da9dab0N.exe
Resource: win10v2004-20240802-en
Malware Config
Extracted
revengerat
Marzo26
marzorevenger.duckdns.org:4230
RV_MUTEX-PiGGjjtnxDpn
Targets
Target: 053d34daddd31baa15adcb049da9dab0N.exe
Score: 10/10
Drops startup file
AutoIT Executable
AutoIT scripts compiled to PE executables.
Suspicious use of SetThreadContext