Overview

overview

10

Static

static

10

3056-4-0x0...ry.exe

windows7-x64

1

3056-4-0x0...ry.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3056-4-0x0000000000090000-0x0000000000098000-memory.dmp

  • Size

    32KB

  • MD5

    9388c055d269b1b6074cde4dd79ab2c8

  • SHA1

    078081920a72f29497198ed7292598f40ba4163e

  • SHA256

    0e8685e3fc14508407a13a4693a56e670712c18e84d93f00ccdafb18568d7743

  • SHA512

    9d1a7eda53e1e2c833959702dff03dd53d92bac43048be3e2fd4dcc28abe847724ed689687a6d8f332257a55574be92317978823661f4393b413e0e4960563cb

  • SSDEEP

    384:G7mHny19HqmjuqRz9oDPlMNcLlb5sVK9y/5Ct:G7mHny19NjVtclMNEYo

Score
10/10
marzo26revengerat

Malware Config

Extracted

Family

revengerat

Botnet

Marzo26

C2

marzorevenger.duckdns.org:4230

Mutex

RV_MUTEX-PiGGjjtnxDpn

Signatures

  • Revengerat family
    revengerat
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 3056-4-0x0000000000090000-0x0000000000098000-memory.dmp
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections