General
-
Target
633a7a8aedf8627097b29d0e707c59af.exe
-
Size
4.0MB
-
Sample
230301-pv7hvafg2x
-
MD5
633a7a8aedf8627097b29d0e707c59af
-
SHA1
f36662cce42d02ed690fbc8e71f4cefc17474200
-
SHA256
326faaed1dd1881b1ae5af3ccea65ab894f4d7aaff2770c52c3175a29ab43abf
-
SHA512
17033c6eb42190020320cda1a092eb528186bfc1ba7ac4bce30300732b839de9371e843f67404d8e23c74fab95abc20365ade575b30daf3eede1f93b1b24a568
-
SSDEEP
98304:7trbTA1FZZAG/HW4A5vodMJ5thwVX9Gx5VeqC6BIN4ts7BUGI1jF:hc1Fzf/HxOQMthPgtCIBUGI1B
Static task
static1
Behavioral task
behavioral1
Sample
633a7a8aedf8627097b29d0e707c59af.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
633a7a8aedf8627097b29d0e707c59af.exe
Resource
win10v2004-20230220-en
Malware Config
Extracted
revengerat
NyanCatRevenge
marcelotatuape.ddns.net:333
c12ead04c4f046028
Targets
-
-
Target
633a7a8aedf8627097b29d0e707c59af.exe
Score
10/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-