General
-
Target
c511b1c072c5724438d1585340b00380N.exe
-
Size
952KB
-
Sample
240815-akpgysyfrq
-
MD5
c511b1c072c5724438d1585340b00380
-
SHA1
538ad334a28d19f14c399d7a001e4884ceaba422
-
SHA256
73deff9bb425259fc9c6b6bd261d0848315a410ab051205d7ccae8a74a949792
-
SHA512
36cf7415b3e19c99cc0f877ad08b3d6c1e3de31f069d0f50165926c2a602120cfe122eb9efda0a4ef2122a2f1923e3fbbf629b66bf7346c4fbdb1ccd21030796
-
SSDEEP
24576:2AHnh+eWsN3skA4RV1HDm2KXMmHaKZT5T:Rh+ZkldDPK8YaKjT
Static task
static1
Behavioral task
behavioral1
Sample
c511b1c072c5724438d1585340b00380N.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
c511b1c072c5724438d1585340b00380N.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
revengerat
Marzo26
marzorevenger.duckdns.org:4230
RV_MUTEX-PiGGjjtnxDpn
Targets
-
-
Target
c511b1c072c5724438d1585340b00380N.exe
-
Size
952KB
-
MD5
c511b1c072c5724438d1585340b00380
-
SHA1
538ad334a28d19f14c399d7a001e4884ceaba422
-
SHA256
73deff9bb425259fc9c6b6bd261d0848315a410ab051205d7ccae8a74a949792
-
SHA512
36cf7415b3e19c99cc0f877ad08b3d6c1e3de31f069d0f50165926c2a602120cfe122eb9efda0a4ef2122a2f1923e3fbbf629b66bf7346c4fbdb1ccd21030796
-
SSDEEP
24576:2AHnh+eWsN3skA4RV1HDm2KXMmHaKZT5T:Rh+ZkldDPK8YaKjT
Score10/10-
Drops startup file
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
Suspicious use of SetThreadContext
-