General
Target: 7e0c3f4ee3bb201339b0be1e73142374.bin
Size: 27KB
Sample: 240418-bwyqfage51
MD5: cec9dd43a59d80dcbc1747bcaefed90e
SHA1: 354e78fd199a27a3445e0270f2fbca0d30617aec
SHA256: 0baced14fbfd61568c6aceefe45ae91a5c5bade3caba35a195e4545cf282c09c
SHA512: 0c2001e8a6733a52b1260c2258e75f60bf6d512282797c1d776f59f5267cc3d6739041198e71797caa1cf1ae7704d46838d6985fd88c6d3f92ef934a806c8a2d
SSDEEP: 768:2Zr/spD2+3yw6YqRT35eKRcZspEHxeh+nTtBW:4spb3yw1kJRcZspEshknW
Static task: static1
Behavioral task: behavioral1
Sample: 013fefe1917cdeedc66a5e4bee5417894491591296a91a507224ae5af9618cda.ppam
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 013fefe1917cdeedc66a5e4bee5417894491591296a91a507224ae5af9618cda.ppam
Resource: win10v2004-20240412-en
Malware Config
Extracted
revengerat
NyanCatRevenge
craxsrat.ddns.com.br:333
27d7e6701f5e
Targets
Target: 013fefe1917cdeedc66a5e4bee5417894491591296a91a507224ae5af9618cda.ppam
Size: 28KB
MD5: 7e0c3f4ee3bb201339b0be1e73142374
SHA1: bb1dbdfd0cbbdb0f33dba0502d896224ba567680
SHA256: 013fefe1917cdeedc66a5e4bee5417894491591296a91a507224ae5af9618cda
SHA512: 5398377cd90f8aa3b8834eef60fcf438c9eeed154e78447b902e04b1f5071726aa03c2bcca5280da1c8e06649b9a01f7645638ae6cd09f8a68f69fe41f299da4
SSDEEP: 768:VPKiNgILNl1pb2GdSXlWEsusK+oCx7oho6n7vtxUkO:VC6vgIS4tokyH7lmkO
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Suspicious use of SetThreadContext