General
-
Target
f0a08759c7ffcc5dc2be1c4406357e3e0d50db90d69c957140a5d5a96677d5d6.ppam
-
Size
31KB
-
Sample
240823-mh7xqsyele
-
MD5
19dec27aebb0765515dce112629e6bf0
-
SHA1
157f1b9b9a3cfee78e41a2ee7040c2c3d31acea9
-
SHA256
f0a08759c7ffcc5dc2be1c4406357e3e0d50db90d69c957140a5d5a96677d5d6
-
SHA512
ddaaf0fbc7b03d77595cfc1f5d4dbbeaf402716e72a9c44120759bf13905b26c9b63d68ec15305ca64cc0ca4d99846a135b4aff7075b6e574f3212435f9bd421
-
SSDEEP
768:VPdLnd0SfrbXwc8594rrJqcIu4TVVSmdrUTXVHS1HbwHu:V5aSfrbXj8IrrpIu4SmdrUTg6u
Static task
static1
Behavioral task
behavioral1
Sample
f0a08759c7ffcc5dc2be1c4406357e3e0d50db90d69c957140a5d5a96677d5d6.ppam
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
f0a08759c7ffcc5dc2be1c4406357e3e0d50db90d69c957140a5d5a96677d5d6.ppam
Resource
win10v2004-20240802-en
Malware Config
Extracted
revengerat
NyanCatRevenge
18.228.165.84:3333
788bf014999d4ae8929
Targets
Target
f0a08759c7ffcc5dc2be1c4406357e3e0d50db90d69c957140a5d5a96677d5d6.ppam
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Suspicious use of SetThreadContext
-