General
-
Target
0b2bdf84b652a409fc9875e73d896945143ad918556caeba75526740714d02ea.ppam
-
Size
16KB
-
Sample
240302-fnp6jsae4v
-
MD5
a47e4c737b038a0b8523f430fc97e340
-
SHA1
01125244b799ecb7eadbe94ff10887d3e28e02c1
-
SHA256
0b2bdf84b652a409fc9875e73d896945143ad918556caeba75526740714d02ea
-
SHA512
3436df276bf9daca84afb63bcf34111423799095dfc3af326b6a5993680dab5a086c321891223fb5536dc8529223fe1579f548981195ee91b798396f83327392
-
SSDEEP
192:xrXP/MTsLviNbffWmwiG1QHhk8/fjx2DHeVxlAKsW0r/ls6faz6MfPfVV7ZAjUbR:dXPr0b+sH6DD+VHAwqtsuaNPfrFAa3
Static task
static1
Behavioral task
behavioral1
Sample
0b2bdf84b652a409fc9875e73d896945143ad918556caeba75526740714d02ea.ppam
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
0b2bdf84b652a409fc9875e73d896945143ad918556caeba75526740714d02ea.ppam
Resource
win10v2004-20240226-en
Malware Config
Extracted
revengerat
NyanCatRevenge
brasil.ddns.com.br:333
5e241e476b334640a2f
Targets
Target
0b2bdf84b652a409fc9875e73d896945143ad918556caeba75526740714d02ea.ppam
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Suspicious use of SetThreadContext
-