General
Target
393B10AAC7F59B3D7A146C654A24777D4B48648C3D8B8.exe
Size
419KB
Sample
221023-dtsgragbhm
MD5
36199d74da34290f87be389bb6bb9515
SHA1
7d997bf1fc79f9d9cb1a5c47b721a7f1e310a4ff
SHA256
393b10aac7f59b3d7a146c654a24777d4b48648c3d8b842754de1ba58b1d5490
SHA512
7b7dcb98e36fed88e22435832a8dc604845a463ed82058c1cdbe060839f9926d772cc219890a5f55ef2cbf42cc2037f6404840f0124fbdf27e6820e5ec6b272f
SSDEEP
12288:p051XAB4MzIbYyOrCKuBBPcn/txkAWQEho:p+1XAB4wIbfJlcn1xkjh
Static task
static1
Behavioral task
behavioral1
Sample
393B10AAC7F59B3D7A146C654A24777D4B48648C3D8B8.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
393B10AAC7F59B3D7A146C654A24777D4B48648C3D8B8.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
revengerat
NyanCatRevenge
alice2019.myftp.biz:7575
a4765021d3
Targets
Target
393B10AAC7F59B3D7A146C654A24777D4B48648C3D8B8.exe
Score 10/10
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Adds Run key to start application
Suspicious use of SetThreadContext