General
-
Target
b202ec278be8a5387bac531813f482ca
-
Size
1.6MB
-
Sample
240304-nkw4paab52
-
MD5
b202ec278be8a5387bac531813f482ca
-
SHA1
772a8ea7f4671d6138701bde80bc50f7f4c3c128
-
SHA256
8957c7ce7669809a7e22b017f87fefdbfe89caa099b036048019511a5bbc4cb3
-
SHA512
de51589f8417bc41effccaf4e43f760f898139efbd42eb5aa1c66d3332cedcd664a10df831d09333631dc9682e3bcf850f6978315ba991b5a699c07582b00ace
-
SSDEEP
24576:tv+4z/kMXYP7I+/qF9fLueyyCgo0N4+47KTQJWs9h4aDiW5FRkTZRM4F:7oP7t/CH7o0N4+ZkJ2aDiIFoZRT
Static task
static1
Behavioral task
behavioral1
Sample
b202ec278be8a5387bac531813f482ca.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
b202ec278be8a5387bac531813f482ca.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
revengerat
NyanCatRevenge
dontreachme.duckdns.org:3602
774d753e6b8d42
Targets
-
-
Target
b202ec278be8a5387bac531813f482ca
Score
10/10
-
Detect ZGRat V1
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-