General
-
Target
fa7701d082ff43c66e853a8cc0949bce6d2837f4190def5b75f631be0006f59a
-
Size
27KB
-
Sample
240827-srtz5axdjb
-
MD5
e114626af1e6f60e4e0eab0da05d01e7
-
SHA1
b200f0ce036bb5cadce0d8d5d364413f3e7902a6
-
SHA256
fa7701d082ff43c66e853a8cc0949bce6d2837f4190def5b75f631be0006f59a
-
SHA512
b07441656c51355d07eca4f88b86c60b86d71397ea20c3550d4492dfcfc1949190b2bf85c7709d22c715752a54501146c57623078935e4a2bccde044a5e86a2e
-
SSDEEP
768:VPk/BU66pEhHEZzMDbO/bZlqf4CLDu0We:VkU66KhHEZzMDCDHq4w60We
Static task
static1
Behavioral task
behavioral1
Sample
fa7701d082ff43c66e853a8cc0949bce6d2837f4190def5b75f631be0006f59a.ppam
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
fa7701d082ff43c66e853a8cc0949bce6d2837f4190def5b75f631be0006f59a.ppam
Resource
win10v2004-20240802-en
Malware Config
Extracted
revengerat
NyanCatRevenge
18.228.165.84:3333
788bf014999d4ae8929
Targets
-
-
Target
fa7701d082ff43c66e853a8cc0949bce6d2837f4190def5b75f631be0006f59a
-
Size
27KB
-
MD5
e114626af1e6f60e4e0eab0da05d01e7
-
SHA1
b200f0ce036bb5cadce0d8d5d364413f3e7902a6
-
SHA256
fa7701d082ff43c66e853a8cc0949bce6d2837f4190def5b75f631be0006f59a
-
SHA512
b07441656c51355d07eca4f88b86c60b86d71397ea20c3550d4492dfcfc1949190b2bf85c7709d22c715752a54501146c57623078935e4a2bccde044a5e86a2e
-
SSDEEP
768:VPk/BU66pEhHEZzMDbO/bZlqf4CLDu0We:VkU66KhHEZzMDCDHq4w60We
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Suspicious use of SetThreadContext
-