General
Target: Reserva Detalhes.ppam
Size: 8KB
Sample: 231228-jr4pwsaeg3
MD5: 38a0eb561cbe53efb6a6bbbaef74e480
SHA1: a006b9112485374499ecaa1d6f989d1f29a4dd6f
SHA256: f651bda0b4fd972f48db97f7d7c57f4d66fb69f9c6a3f847a2a265d7dbe33469
SHA512: b2a59cf376dc3724867d9012eebc9cfabce8657b1f0eeb5671e764c5be216b97db1a88209d2ba0f7949035185712ab87d3f464bf51adfa34d46f3cb6e1bc027c
SSDEEP: 192:xrXP/sUwOwsOa0PuuSUPmttJTd4joE3N9OycExwc:dXP+No8m7JTd4d9OycExR
Static task: static1
Behavioral task: behavioral1
Sample: Reserva Detalhes.ppam
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: Reserva Detalhes.ppam
Resource: win10v2004-20231215-en
Malware Config
Extracted
revengerat
NyanCatRevenge
marcelotatuape.ddns.net:333
281db369c9dc4bc4b1
Targets
Target: Reserva Detalhes.ppam
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Legitimate hosting services abused for malware hosting/C2