Extracted

• • Target

    8bba854cc78ef4bee78a3057cf08d3d12c6da32ba5e205bc8081b1ac0b191372.ppam

  • Size

    31KB

  • MD5

    16f58ae67e03878af86c54501a568d7b

  • SHA1

    08a9c4f7113a6775379492c398b390a0fa54a80c

  • SHA256

    8bba854cc78ef4bee78a3057cf08d3d12c6da32ba5e205bc8081b1ac0b191372

  • SHA512

    6da10597cef24583e5aecf758f822e30111486cd91c7d54e7f86386f4ad59ed8d6b44277f526c1d76e6ff21305251863d0c7f9139e4a087321ee934e7c133924

  • SSDEEP

    768:VPjhl62n+DAPR6cAzOTdFEI6WvSK4HB6dXT1YeuEktp:VNl62+669OpCCSK4HBOXB0

  Score

  10^/10

  revengeratnyancatrevengediscoverytrojan

  • Process spawned unexpected child process

    This typically indicates the parent process was compromised via an exploit or macro.

  • RevengeRAT

    Remote-access trojan with a wide range of capabilities.

    trojanrevengerat

  • Blocklisted process makes network request

  • Suspicious use of SetThreadContext

  behavioral1behavioral2