General
-
Target
7235c131cad5d81aaf16cfceb78ec41ec1f03a621c1af65022b0ece7a5c51be8
-
Size
952KB
-
Sample
240814-267n7s1clc
-
MD5
9eb67d972af2f7e90ff279b506c64d6f
-
SHA1
6dd4c74d1b7d690076994f7f0711c8b8309add8f
-
SHA256
7235c131cad5d81aaf16cfceb78ec41ec1f03a621c1af65022b0ece7a5c51be8
-
SHA512
f81c590b7ae45c53ab3d496951f3d4d0b6bde0d2a4d870de01321c8496160147b4cc3a48d403d87ae883b863e4a120f7ce1c5f4750971bed50ed212fa604be5f
-
SSDEEP
24576:2AHnh+eWsN3skA4RV1HDm2KXMmHaKZT5x:Rh+ZkldDPK8YaKjx
Static task
static1
Behavioral task
behavioral1
Sample
7235c131cad5d81aaf16cfceb78ec41ec1f03a621c1af65022b0ece7a5c51be8.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
7235c131cad5d81aaf16cfceb78ec41ec1f03a621c1af65022b0ece7a5c51be8.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
revengerat
Marzo26
marzorevenger.duckdns.org:4230
RV_MUTEX-PiGGjjtnxDpn
Targets
-
-
Target
7235c131cad5d81aaf16cfceb78ec41ec1f03a621c1af65022b0ece7a5c51be8
-
Size
952KB
-
MD5
9eb67d972af2f7e90ff279b506c64d6f
-
SHA1
6dd4c74d1b7d690076994f7f0711c8b8309add8f
-
SHA256
7235c131cad5d81aaf16cfceb78ec41ec1f03a621c1af65022b0ece7a5c51be8
-
SHA512
f81c590b7ae45c53ab3d496951f3d4d0b6bde0d2a4d870de01321c8496160147b4cc3a48d403d87ae883b863e4a120f7ce1c5f4750971bed50ed212fa604be5f
-
SSDEEP
24576:2AHnh+eWsN3skA4RV1HDm2KXMmHaKZT5x:Rh+ZkldDPK8YaKjx
Score10/10-
Drops startup file
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
Suspicious use of SetThreadContext
-