Behavioral task
behavioral1
Sample
a851d4ab461d793a24ef9e1e58d6ae5bf6b27bd0ff0b5a0f470b301b1c00a949exe.exe
Resource
win7-20231020-en
Behavioral task
behavioral2
Sample
a851d4ab461d793a24ef9e1e58d6ae5bf6b27bd0ff0b5a0f470b301b1c00a949exe.exe
Resource
win10v2004-20231127-en
General
-
Target
a851d4ab461d793a24ef9e1e58d6ae5bf6b27bd0ff0b5a0f470b301b1c00a949exe.exe
-
Size
14KB
-
MD5
1af7a2e45f20ad74e091fc976be0492e
-
SHA1
2f38c71b292122b5c8f3c9141d7009440de93c9d
-
SHA256
a851d4ab461d793a24ef9e1e58d6ae5bf6b27bd0ff0b5a0f470b301b1c00a949
-
SHA512
61cab349cc7b01bf7cf5fd4cd6b4c03e4c5bc03757e5d318905c7f9bb8f084a857563d08762ca62c979a4d41b92b5e0d2c40e0170e60ada26c98fa2a3c6eabac
-
SSDEEP
192:7+8C+EKS0O9ejYTDG8bcp4Ll7GnieXubWyD9JEBkGxVXzqoNNRJc:7NVjYTDG8gp6leXTyD3Enx0oNK
Malware Config
Extracted
revengerat
NyanCatRevenge
marcelotatuape.ddns.net:333
2f73f0305bc24
Signatures
-
Revengerat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource a851d4ab461d793a24ef9e1e58d6ae5bf6b27bd0ff0b5a0f470b301b1c00a949exe.exe
Files
-
a851d4ab461d793a24ef9e1e58d6ae5bf6b27bd0ff0b5a0f470b301b1c00a949exe.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 672B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ