General
Target: 694b37ca1d29f2eedb4d408834c885e7.bin
Size: 30KB
Sample: 230606-bpqq9abd96
MD5: 44b9c30f314a3f9f93383e4fc0017559
SHA1: d8c5f063b34d5dc8eefe922c8ba4fa47a1fe4420
SHA256: 168e4c0d84ec95ff4aa2e5867342f751a8633fa65529326e27f64302b0a855d1
SHA512: 5b244d0eae94a278ef20a6f09dc246b32ae81cb2b165cd328679e8abb7910e0e5f9ce87c5dfaff26ce9b86971c0526a849e7a5d328d3eff5c51beb6a23d917bb
SSDEEP: 768:H/aF8zBIEBnftwVWA37u1dV07kEbvER34PZkgp:H/aF0dFwTqTVihb8pkZkg
Behavioral task: behavioral1
Sample: 0562a2df06412fc0038afca2d27c4b1428681a518015cd2fd823df9b55db21f9.pps
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: 0562a2df06412fc0038afca2d27c4b1428681a518015cd2fd823df9b55db21f9.pps
Resource: win10v2004-20230220-en
Malware Config
Extracted
revengerat
NyanCatRevenge
m7.ddns.com.br:5222
30c2ac3031a0
Targets
Target: 0562a2df06412fc0038afca2d27c4b1428681a518015cd2fd823df9b55db21f9.ppt
Size: 134KB
MD5: 694b37ca1d29f2eedb4d408834c885e7
SHA1: 0c23ec46e7f460f8db3e14db0314eed2728fffcf
SHA256: 0562a2df06412fc0038afca2d27c4b1428681a518015cd2fd823df9b55db21f9
SHA512: 2e658f1a32592e7ffb3dab39c9b92c58d788a9aaf581f36422d6d64264ed073036a6230087a60218243158a946b574d4ef952110966946ab006dd9bb9ef572f9
SSDEEP: 3072:cPnoH4mXthE3HxBTBg/zDKQACpqM2IEVILRRRRR3:cPnRXyN2IEVILRRRRR3
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Suspicious use of SetThreadContext