General
-
Target
2f29c288b1c65341f982d8984a0650ad66765a3bc221bedcebbd2bc784a9da21.zip
-
Size
43KB
-
Sample
230516-y6cx2scd78
-
MD5
4157e68ac106a63b0e896a7b4ae3863e
-
SHA1
376c2f29e7a9d3a7b6226ee188c3f600b467ae06
-
SHA256
77b31ef155fb5590c1150022299678f89a2ddba39fa21bcf0cceebb7b43988d2
-
SHA512
21adfa924aa862cf43661e84db41bf80c17f3ccfa2678ec23f007b3fa63d75998295aafd3363ae4c9fda6dc1bc6692f5c07d7ce46df23308c72e031af045ac2f
-
SSDEEP
768:56N9frK7TwSf9jHriOoe9bD6n3Y1EKDbaHex95kR5/+6GqEjF8YjjWFZ9qHz5fCZ:5A9f+73fFLLoe9v63YC8+qzQAH9GZ8Tw
Static task
static1
Behavioral task
behavioral1
Sample
2f29c288b1c65341f982d8984a0650ad66765a3bc221bedcebbd2bc784a9da21.ppam
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
2f29c288b1c65341f982d8984a0650ad66765a3bc221bedcebbd2bc784a9da21.ppam
Resource
win10v2004-20230220-en
Malware Config
Extracted
revengerat
NyanCatRevenge
m7.ddns.com.br:5222
30c2ac3031a0
Targets
-
Target
2f29c288b1c65341f982d8984a0650ad66765a3bc221bedcebbd2bc784a9da21.ppam
-
Size
44KB
-
MD5
906084f891c354df688b9b1012673cb0
-
SHA1
df3ac01679d444b6ae6cc81bf0f380cce79bd987
-
SHA256
2f29c288b1c65341f982d8984a0650ad66765a3bc221bedcebbd2bc784a9da21
-
SHA512
c8ab289935931708371d6ed05e95e26981ae338bafeadea4a272541575ace9216dbf569410e535c023727c0c92346b1ecc5d8c35c0a200462967641a8feb1701
-
SSDEEP
768:VPYRy7GviozfDTAR/rRSROn3sYOWTS2+1jqBoVEmErcSeykOgUGM5d/ym4csz:VgRyCR7T2/FMOncYOWXvBoV3EgS8jUGN
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Suspicious use of SetThreadContext
-