General
-
Target
9f30ec72412de0a9b686f5f1b774f700N.exe
-
Size
952KB
-
Sample
240915-cglb8szfmc
-
MD5
9f30ec72412de0a9b686f5f1b774f700
-
SHA1
08d3edadf39badf7631adc0471cf5e232dc3f0ce
-
SHA256
f73ef9507c8a054625412574f101e8b427413c72b5fc8a2f536037043145c4f3
-
SHA512
39fef420a598f869a748783d5ea8d72e3216b7c3098281df16cf800896c551b811bd7fcd56e2c2a91d6d51d09438ef2b9f8075f85c943a3621434b31cc886813
-
SSDEEP
24576:2AHnh+eWsN3skA4RV1HDm2KXMmHaKZT5k:Rh+ZkldDPK8YaKjk
Static task
static1
Behavioral task
behavioral1
Sample
9f30ec72412de0a9b686f5f1b774f700N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
9f30ec72412de0a9b686f5f1b774f700N.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
revengerat
Marzo26
marzorevenger.duckdns.org:4230
RV_MUTEX-PiGGjjtnxDpn
Targets
-
Target
9f30ec72412de0a9b686f5f1b774f700N.exe
-
Score
10/10
-
Drops startup file
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
Suspicious use of SetThreadContext
-