General

  • Target

    cancelar a reserva.ppam

  • Size

    34KB

  • Sample

    240820-pp2qeawajr

  • MD5

    e6c62c08bcf6e855dcc57d4672f35f22

  • SHA1

    1a314ad57695bc7c1eb5a56069680ba504bcd63d

  • SHA256

    a0c62d117ca24a43bc6ca8d4fd841429827728d46aed60ae0c1dd93e7d44c4c7

  • SHA512

    8d5bf322c93f8cbe4802b21b6a6151d57406eb600490d90d29eeee1485ffa80d643a3a4cabdff81b0789f2d4014178ee66be1087382d8c0972a324dabd249108

  • SSDEEP

    768:VPJJIjv1RFbo18t+HpTa1lzv5Z4G2rQdSss+0WfqQ:VxJITFU8sEjv5krKS80Sl

Malware Config

Extracted

  • Family

    revengerat

  • Botnet

    NyanCatRevenge

  • C2

    18.228.165.84:3333

  • Mutex

    788bf014999d4ae8929

Targets

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro. The target here is a .ppam file, a macro-enabled PowerPoint add-in, so VBA run by the Office host that loaded it is the expected route to an unexpected child.

    • RevengeRAT

      Remote-access trojan with a wide range of capabilities.

    • Blocklisted process makes network request

      A process the sandbox considers should not normally need network access (for example a script host or other living-off-the-land binary) made an outbound connection. Compare its destination with the extracted C2 18.228.165.84:3333.

    • Suspicious use of SetThreadContext

      SetThreadContext rewrites the register state of a thread. Outside a debugger it is mostly seen when a loader writes a payload into a suspended process and redirects its entry point (RunPE / process hollowing), a technique widely used by loaders for .NET RATs such as RevengeRAT.
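The three behavioural signatures above can be reproduced over a stream of process, API and network events. The block below is an added example, not Triage's signature code and not this sample's actual task log: the event schema, the Office-parent and suspicious-child lists, the network blocklist and the sample timeline (PowerPoint spawning PowerShell, which connects to the extracted C2 and then calls SetThreadContext on a suspended notepad.exe) are all constructed assumptions chosen to exercise each rule, including the same-process SetThreadContext case that should not fire.

```python
"""Behavioural signatures in the spirit of the three that fired on this report.
Added example: the rules, lists and events are assumptions, not Triage's code."""
from dataclasses import dataclass

# Assumed lists (not Triage's). Office hosts that should never spawn script
# interpreters or shells, and the children that indicate macro/exploit execution.
OFFICE_PARENTS = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"}
SUSPICIOUS_CHILDREN = {"cmd.exe", "powershell.exe", "wscript.exe", "cscript.exe",
                       "mshta.exe", "rundll32.exe", "regsvr32.exe", "msbuild.exe"}
# Script hosts / LOLBins for which any outbound connection is suspicious.
NETWORK_BLOCKLIST = {"powershell.exe", "wscript.exe", "cscript.exe", "mshta.exe",
                     "regsvr32.exe", "msbuild.exe"}


@dataclass
class Event:
    kind: str            # "process" (creation), "api" (call) or "network" (connect)
    pid: int             # acting process
    image: str           # acting process image (name or full path)
    parent: str = ""     # kind == "process": parent image
    api: str = ""        # kind == "api": Win32 API name
    target_pid: int = 0  # kind == "api": pid that owns the targeted thread
    dst: str = ""        # kind == "network": destination host:port


def _name(image: str) -> str:
    """Strip any directory and normalise case so list lookups are robust."""
    return image.rsplit("\\", 1)[-1].lower()


def unexpected_child(events):
    return [f"{e.parent} spawned {e.image} (pid {e.pid})"
            for e in events
            if e.kind == "process"
            and _name(e.parent) in OFFICE_PARENTS
            and _name(e.image) in SUSPICIOUS_CHILDREN]


def blocklisted_network(events):
    return [f"{e.image} (pid {e.pid}) connected to {e.dst}"
            for e in events
            if e.kind == "network" and _name(e.image) in NETWORK_BLOCKLIST]


def suspicious_setthreadcontext(events):
    # Rewriting a thread context in *another* process is the RunPE/hollowing
    # hallmark; same-process calls are ignored to avoid debugger and runtime noise.
    return [f"{e.image} (pid {e.pid}) set thread context in pid {e.target_pid}"
            for e in events
            if e.kind == "api" and e.api == "SetThreadContext"
            and e.target_pid not in (0, e.pid)]


SIGNATURES = {
    "Process spawned unexpected child process": unexpected_child,
    "Blocklisted process makes network request": blocklisted_network,
    "Suspicious use of SetThreadContext": suspicious_setthreadcontext,
}


def run_signatures(events):
    """Return {signature name: [evidence strings]} for every rule that fires."""
    report = {}
    for name, rule in SIGNATURES.items():
        hits = rule(events)
        if hits:
            report[name] = hits
    return report


# Constructed timeline for illustration; the C2 is the one extracted in this
# report, everything else (pids, images, the hollowed notepad.exe) is assumed.
SAMPLE_EVENTS = [
    Event("process", 4120, "POWERPNT.EXE", parent="explorer.exe"),
    Event("process", 4388, "powershell.exe", parent="POWERPNT.EXE"),
    Event("network", 4388, "powershell.exe", dst="18.228.165.84:3333"),
    Event("process", 4500, "notepad.exe", parent="powershell.exe"),
    Event("api", 4388, "powershell.exe", api="SetThreadContext", target_pid=4500),
    Event("api", 4120, "POWERPNT.EXE", api="SetThreadContext", target_pid=4120),
]

if __name__ == "__main__":
    for name, hits in run_signatures(SAMPLE_EVENTS).items():
        print(name)
        for h in hits:
            print("   ", h)
```

The same-process SetThreadContext event on the PowerPoint pid is deliberately left in the timeline: a rule that fires on every call to that API drowns in legitimate use, so the cross-process condition is what makes the signature worth having. Feed real events in by mapping your sandbox's process-creation, API-hook and connection records onto Event.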
