General
-
Target
a6a6f8c679640369885b8ba466d7106d225493b44e2b4143731affcf748e1dceN
-
Size
952KB
-
Sample
240927-y8jtdaxhkm
-
MD5
bff2eb49bb8366e43ff6b715f59531d0
-
SHA1
51097d5c1beecf392805cf87fca69be421a9828c
-
SHA256
a6a6f8c679640369885b8ba466d7106d225493b44e2b4143731affcf748e1dce
-
SHA512
b48cfa69ee9c75f2d4a81ceca2bf4905656b1c34dba42e1a8f21562635ec90a0ea111cee37394ef1397c6dd568d2950ed1513965089cce8530d3bd97b40abc21
-
SSDEEP
24576:2AHnh+eWsN3skA4RV1HDm2KXMmHaKZT5G:Rh+ZkldDPK8YaKjG
Static task
static1
Behavioral task
behavioral1
Sample
a6a6f8c679640369885b8ba466d7106d225493b44e2b4143731affcf748e1dceN.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
a6a6f8c679640369885b8ba466d7106d225493b44e2b4143731affcf748e1dceN.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
revengerat
Marzo26
marzorevenger.duckdns.org:4230
RV_MUTEX-PiGGjjtnxDpn
Targets
-
-
Target
a6a6f8c679640369885b8ba466d7106d225493b44e2b4143731affcf748e1dceN
-
Size
952KB
-
MD5
bff2eb49bb8366e43ff6b715f59531d0
-
SHA1
51097d5c1beecf392805cf87fca69be421a9828c
-
SHA256
a6a6f8c679640369885b8ba466d7106d225493b44e2b4143731affcf748e1dce
-
SHA512
b48cfa69ee9c75f2d4a81ceca2bf4905656b1c34dba42e1a8f21562635ec90a0ea111cee37394ef1397c6dd568d2950ed1513965089cce8530d3bd97b40abc21
-
SSDEEP
24576:2AHnh+eWsN3skA4RV1HDm2KXMmHaKZT5G:Rh+ZkldDPK8YaKjG
Score10/10-
Drops startup file
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
Suspicious use of SetThreadContext
-