General
-
Target
dbcb21d5f9c1a74aaeacb6fd5e4bda89af7cf80461eae3fa3c61a8bb90bf5044.ppam
-
Size
21KB
-
Sample
240314-da2ajsbb65
-
MD5
0fa350aeda0300d702cbffe77bdf26e1
-
SHA1
3b9a66fd26bfd26cff53e222744b382da0735c74
-
SHA256
dbcb21d5f9c1a74aaeacb6fd5e4bda89af7cf80461eae3fa3c61a8bb90bf5044
-
SHA512
d4514a79d24d5b165f0588cfa370a92e6d781add023878b515248c453153e26b9e701b2d5b7a1e02976783ba5925a0fd353d25ab8510419c4b6b30df2858e0d1
-
SSDEEP
384:dXP27u0zBE0RZ+T9cx/7tsZKhNVqo6JV5ZjXDcd42nS5wYFjg1zTeQcxUwPMyvxh:VP2r60L+BS6ZkHqxJZkd42Sr9g1Xed0k
Static task
static1
Behavioral task
behavioral1
Sample
dbcb21d5f9c1a74aaeacb6fd5e4bda89af7cf80461eae3fa3c61a8bb90bf5044.ppam
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
dbcb21d5f9c1a74aaeacb6fd5e4bda89af7cf80461eae3fa3c61a8bb90bf5044.ppam
Resource
win10v2004-20240226-en
Malware Config
Extracted
revengerat
NyanCatRevenge
craxsrat.ddns.com.br:333
27d7e6701f5e
Targets
Target
dbcb21d5f9c1a74aaeacb6fd5e4bda89af7cf80461eae3fa3c61a8bb90bf5044.ppam
-
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Suspicious use of SetThreadContext
-