General
-
Target
RES094464-2180.ppam
-
Size
28KB
-
Sample
240416-szr6hadf74
-
MD5
7e0c3f4ee3bb201339b0be1e73142374
-
SHA1
bb1dbdfd0cbbdb0f33dba0502d896224ba567680
-
SHA256
013fefe1917cdeedc66a5e4bee5417894491591296a91a507224ae5af9618cda
-
SHA512
5398377cd90f8aa3b8834eef60fcf438c9eeed154e78447b902e04b1f5071726aa03c2bcca5280da1c8e06649b9a01f7645638ae6cd09f8a68f69fe41f299da4
-
SSDEEP
768:VPKiNgILNl1pb2GdSXlWEsusK+oCx7oho6n7vtxUkO:VC6vgIS4tokyH7lmkO
Static task
static1
Behavioral task
behavioral1
Sample
RES094464-2180.ppam
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
RES094464-2180.ppam
Resource
win10v2004-20240412-en
Malware Config
Extracted
revengerat
NyanCatRevenge
craxsrat.ddns.com.br:333
27d7e6701f5e
Targets
Target
RES094464-2180.ppam
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Suspicious use of SetThreadContext
-