General
-
Target
2db256d1e57212bcb280456759970476b2005447afb7576a800bb1c5b3e854bb
-
Size
902KB
-
Sample
250310-vrm8paskv9
-
MD5
1a03389c5283977ccd4f07c9e040ed67
-
SHA1
2e5673ef8bf063ac771e50f992571ae7db70bd7b
-
SHA256
2db256d1e57212bcb280456759970476b2005447afb7576a800bb1c5b3e854bb
-
SHA512
df9dab0c1fd3558e8e1734bbd22bf5f668218bf9930f8f0d075a8cbeb75bffee33698d64f87d7be2afb4321d0439de868f3a5e8d97f55e089da25515653ac533
-
SSDEEP
24576:ZAHnh+eWsN3skA4RV1Hom2KXMmHaKZa5x:gh+ZkldoPK8YaKGx
Malware Config
Extracted
revengerat
Marzo26
marzorevenger.duckdns.org:4230
RV_MUTEX-PiGGjjtnxDpn
Targets
-
-
Target
2db256d1e57212bcb280456759970476b2005447afb7576a800bb1c5b3e854bb
-
Size
902KB
-
MD5
1a03389c5283977ccd4f07c9e040ed67
-
SHA1
2e5673ef8bf063ac771e50f992571ae7db70bd7b
-
SHA256
2db256d1e57212bcb280456759970476b2005447afb7576a800bb1c5b3e854bb
-
SHA512
df9dab0c1fd3558e8e1734bbd22bf5f668218bf9930f8f0d075a8cbeb75bffee33698d64f87d7be2afb4321d0439de868f3a5e8d97f55e089da25515653ac533
-
SSDEEP
24576:ZAHnh+eWsN3skA4RV1Hom2KXMmHaKZa5x:gh+ZkldoPK8YaKGx
Score10/10-
RevengeRAT
Remote-access trojan with a wide range of capabilities.
-
Revengerat family
-
Drops startup file
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-