General
Target
5cf16aa21c6757f09238693e35229f4e.bin
Size
545B
Sample
240302-bqeqdagd89
MD5
e457baa6f7c131b3e62e816af3d04ea5
SHA1
4c9be169ac56950beb0f11515d535744ebd1100d
SHA256
8dc29da6ce87bf7d127272d5764244d42382cc5c9e53af86dbe82792cffa8b32
SHA512
f9658deaf51b14bb369a87ad5aef7e06c3dc4c26b3cbd5e33a572bd1cc2cdc29ab7e340afd476d4be85d81d78dfc404bd18a49e4be2008ecabcd71809b9508ff
Static task
static1
Behavioral task
behavioral1
Sample
6e6c1a2d164e6bb18f8847054bd9417f17650c2f2bbf1ef575800927fb03b9f3.vbs
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
6e6c1a2d164e6bb18f8847054bd9417f17650c2f2bbf1ef575800927fb03b9f3.vbs
Resource
win10v2004-20240226-en
Malware Config
Extracted
revengerat
NyanCatRevenge
brasil.ddns.com.br:333
33c61550ada3497
Targets
Target
6e6c1a2d164e6bb18f8847054bd9417f17650c2f2bbf1ef575800927fb03b9f3.vbs
Size
650B
MD5
5cf16aa21c6757f09238693e35229f4e
SHA1
f07993d1ffab08970971b6ff3b0b2162fc2367cb
SHA256
6e6c1a2d164e6bb18f8847054bd9417f17650c2f2bbf1ef575800927fb03b9f3
SHA512
2f92cc5fc41fa0aeeb7c15adeea6b82edaa249ed2d97401f140471de0de4fa1005a7c83ff49db154453dedea7a926b6030c47e36766c62af7b0eb83cde676426
Score
10/10
Blocklisted process makes network request
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Suspicious use of SetThreadContext