General
Target
cbcc937ed1ac2f9cca45d47d7ab44b49.bin
Size
17KB
Sample
230605-ptb1jsgf33
MD5
327aae8ec2094f6e39dfbb8d2f58040e
SHA1
03a1aad8b09cce6588a2602ad7ba1f700e2e60d3
SHA256
5c76a333a7cfdf96f03427f85d80216b48ab406e5b5d381f296f3c5af9746429
SHA512
fb934db492704c814a77c04d93494fd28f1b9c555f9b2dc44697a9e06563d5eab1bf4002038b4bdf9849a3fc25a4f423854905b2a314af024994fb21c4b268de
SSDEEP
384:w1QCVh5m8kDGyU12mZrdAM9hIaq8klZvf7xIToRGf1C5N:bq5dOGPRb7klZLxNQ1g
Static task
static1
Behavioral task
behavioral1
Sample
9e726810be94f4426ca470f2054b1324494f4fd53cd3f3901c79b46e481042e4.ppam
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
9e726810be94f4426ca470f2054b1324494f4fd53cd3f3901c79b46e481042e4.ppam
Resource
win10v2004-20230220-en
Malware Config
Extracted
revengerat
NyanCatRevenge
m7.ddns.com.br:5222
30c2ac3031a0
Targets
Target
9e726810be94f4426ca470f2054b1324494f4fd53cd3f3901c79b46e481042e4.ppam
Size
19KB
MD5
cbcc937ed1ac2f9cca45d47d7ab44b49
SHA1
4e45051c4e0af07f567407095fbed8cb3e1a032c
SHA256
9e726810be94f4426ca470f2054b1324494f4fd53cd3f3901c79b46e481042e4
SHA512
7d45eb38cd778b82cae617300a0bc8a0033c3978e9727d2a7932098e9b51d7e4df715d4a1dff4a76837a10a148fdac8997c38fb71cb46afd4ac5e1c4a9727ff6
SSDEEP
384:dXPYvQCahPS6U7rbHc1RaICb7PwFkqdKW9rAgZF2o2Z2FoeapDCsx3Dw:VPYryLU7rbHgaIEI5MacgZUhZk8C4zw
Score
10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Suspicious use of SetThreadContext