General
-
Target
4bdf077f4ecc376c5bce3aaf6f5e0c60N.exe
-
Size
952KB
-
Sample
240817-zfmv1aycjq
-
MD5
4bdf077f4ecc376c5bce3aaf6f5e0c60
-
SHA1
1f609c27fb9250980578cdf2f9dc8e5e81086313
-
SHA256
962ebd0d3c54e5a317666e322f099316f26e82018927cd1d3144a9744e79bbaf
-
SHA512
73f6812f64a350cf090760317b3068ef00ecaa6a01f995bfebe1b27e4526cace5456e585efb0fc53ee1fe420972be6c7fd3d5f27083c552f0922c2c7f2ceb246
-
SSDEEP
24576:2AHnh+eWsN3skA4RV1HDm2KXMmHaKZT55:Rh+ZkldDPK8YaKj5
Malware Config
Extracted
revengerat
Marzo26
marzorevenger.duckdns.org:4230
RV_MUTEX-PiGGjjtnxDpn
Targets
-
-
Target
4bdf077f4ecc376c5bce3aaf6f5e0c60N.exe
-
Size
952KB
-
MD5
4bdf077f4ecc376c5bce3aaf6f5e0c60
-
SHA1
1f609c27fb9250980578cdf2f9dc8e5e81086313
-
SHA256
962ebd0d3c54e5a317666e322f099316f26e82018927cd1d3144a9744e79bbaf
-
SHA512
73f6812f64a350cf090760317b3068ef00ecaa6a01f995bfebe1b27e4526cace5456e585efb0fc53ee1fe420972be6c7fd3d5f27083c552f0922c2c7f2ceb246
-
SSDEEP
24576:2AHnh+eWsN3skA4RV1HDm2KXMmHaKZT55:Rh+ZkldDPK8YaKj5
Score10/10-
RevengeRAT
Remote-access trojan with a wide range of capabilities.
-
Drops startup file
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
Suspicious use of SetThreadContext
-