General
-
Target
768acad0260a02ec7e5c4f33542db412aeecf1e7a49471192a2f440923819ff8
-
Size
952KB
-
Sample
250109-cyr64strds
-
MD5
c769c5410e0227275c1aeefd10c85b71
-
SHA1
34f90dc7dbdaab0f0efc920a3d6bee405944e4ce
-
SHA256
768acad0260a02ec7e5c4f33542db412aeecf1e7a49471192a2f440923819ff8
-
SHA512
bf326443dabb037dfc86a1891d04f408e1bd1e4a020d4ea182348c3f1b79314bd8fd90b5d4fbe265ca2fccdaf8cbc436927ac633abfe7212763150018d6186e4
-
SSDEEP
24576:2AHnh+eWsN3skA4RV1HDm2KXMmHaKZT5G:Rh+ZkldDPK8YaKjG
Static task
static1
Behavioral task
behavioral1
Sample
768acad0260a02ec7e5c4f33542db412aeecf1e7a49471192a2f440923819ff8.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
768acad0260a02ec7e5c4f33542db412aeecf1e7a49471192a2f440923819ff8.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
revengerat
Marzo26
marzorevenger.duckdns.org:4230
RV_MUTEX-PiGGjjtnxDpn
Targets
Target
768acad0260a02ec7e5c4f33542db412aeecf1e7a49471192a2f440923819ff8
Score
10/10
-
Revengerat family
-
Drops startup file
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
Suspicious use of SetThreadContext
-