General
-
Target
d0eacc86ba243aa25112dfdbe4c11b1bc7e90a50921e2dccaefa65e626484a1c
-
Size
160KB
-
Sample
220219-kzeleabbem
-
MD5
2f4b0aaefc5a69aad3be2795c45e97d7
-
SHA1
b40b2a3afad0f04934e3892a23fa320fbbe85ec5
-
SHA256
d0eacc86ba243aa25112dfdbe4c11b1bc7e90a50921e2dccaefa65e626484a1c
-
SHA512
4e5113ad23bc3a1242f47d9d03a319bd921e3016a8527637aabbb390045f7559609cd478dad8500745a457636360822de5d9f51f2a11e6a13ed76b44d8ad3b8a
Static task
static1
Behavioral task
behavioral1
Sample
d0eacc86ba243aa25112dfdbe4c11b1bc7e90a50921e2dccaefa65e626484a1c.vbs
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
d0eacc86ba243aa25112dfdbe4c11b1bc7e90a50921e2dccaefa65e626484a1c.vbs
Resource
win10v2004-en-20220113
Malware Config
Extracted
revengerat
NyanCatRevenge
h0pe1759.ddns.net:6943
128f3f5311064da68d3
Targets
-
Target
d0eacc86ba243aa25112dfdbe4c11b1bc7e90a50921e2dccaefa65e626484a1c
-
Score
10/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Suspicious use of SetThreadContext
-