General
-
Target
4c2e84b1175e70bfa678a7e8dd58489ad32a96eb7fef4ccd6c688093005498f1N
-
Size
904KB
-
Sample
241010-kdpjgssbnc
-
MD5
473c056f238423fe5e6a8d6e9a3388b0
-
SHA1
cf3e80987292ab3856d06481d51c3a11108feeed
-
SHA256
4c2e84b1175e70bfa678a7e8dd58489ad32a96eb7fef4ccd6c688093005498f1
-
SHA512
91248d1f3e90efa7cd0f89a33133f80244e5f39df7cd5e40ae77abe04c92c0bc645a2a173e5bddf435333b952e7a52aee2fa7836915d503f89dbf85cdeb3fd9f
-
SSDEEP
24576:ZAHnh+eWsN3skA4RV1Hom2KXMmHaKZa5d:gh+ZkldoPK8YaKGd
Static task
static1
Behavioral task
behavioral1
Sample
4c2e84b1175e70bfa678a7e8dd58489ad32a96eb7fef4ccd6c688093005498f1N.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
4c2e84b1175e70bfa678a7e8dd58489ad32a96eb7fef4ccd6c688093005498f1N.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
revengerat
Marzo26
marzorevenger.duckdns.org:4230
RV_MUTEX-PiGGjjtnxDpn
Targets
-
-
Target
4c2e84b1175e70bfa678a7e8dd58489ad32a96eb7fef4ccd6c688093005498f1N
-
Size
904KB
-
MD5
473c056f238423fe5e6a8d6e9a3388b0
-
SHA1
cf3e80987292ab3856d06481d51c3a11108feeed
-
SHA256
4c2e84b1175e70bfa678a7e8dd58489ad32a96eb7fef4ccd6c688093005498f1
-
SHA512
91248d1f3e90efa7cd0f89a33133f80244e5f39df7cd5e40ae77abe04c92c0bc645a2a173e5bddf435333b952e7a52aee2fa7836915d503f89dbf85cdeb3fd9f
-
SSDEEP
24576:ZAHnh+eWsN3skA4RV1Hom2KXMmHaKZa5d:gh+ZkldoPK8YaKGd
Score10/10-
Drops startup file
-
Suspicious use of SetThreadContext
-