General
Target: faf8eb5385f983f5d138a581d83c9180N.exe
Size: 952KB
Sample: 240814-jbxxeavcrq
MD5: faf8eb5385f983f5d138a581d83c9180
SHA1: c9f942f0709341fb550de62447bc1985941176e2
SHA256: 9418ef6de5152b0fbb6c979f42a733799f3351fa61c18391786e5ea12acfb1d6
SHA512: 8f7aa3ccd45c09c2442924a377ab91dfdcf75d95f30c779ec4225cf12638f2734cf3ec9b588a7929f77c1c6017c4e8ffff5a1ac848065ec37dceb5e5e376d745
SSDEEP: 24576:2AHnh+eWsN3skA4RV1HDm2KXMmHaKZT5N:Rh+ZkldDPK8YaKjN
Static task: static1
Behavioral task: behavioral1
Sample: faf8eb5385f983f5d138a581d83c9180N.exe
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: faf8eb5385f983f5d138a581d83c9180N.exe
Resource: win10v2004-20240802-en
Malware Config
Extracted
revengerat
Marzo26
marzorevenger.duckdns.org:4230
RV_MUTEX-PiGGjjtnxDpn
Targets
Target: faf8eb5385f983f5d138a581d83c9180N.exe
Score: 10/10
Drops startup file
AutoIT Executable: AutoIT scripts compiled to PE executables.
Suspicious use of SetThreadContext