General
Target
cd1c1ef1ce2641a72af51aca4e79f948f3f04ca5d5571f970eb6b51ff8a9f998.ppam
Size
23KB
Sample
240828-crzyda1ekh
MD5
79d4a100a004c833d0b39729928e682a
SHA1
d736bfbf63c900f4589ad2bdcdbe32dcec92782a
SHA256
cd1c1ef1ce2641a72af51aca4e79f948f3f04ca5d5571f970eb6b51ff8a9f998
SHA512
34140113cc40c374f3bafff7efaf366e1b99d821b36533eb9ab470df601a2e22e7f2cbef50803aece7d26ab6e36f913a9b69c21cc193b400d77e4aabd754471b
SSDEEP
384:dXP0EFoPvVYuAGxSD4FOSY6nk7fQ/9aQpQy0Y7hn1JphgRazq3983hEdKm5e/Df4:VP0EFoPNYuALkXk7fQ/9/b0g1Vwv3yhs
Static task
static1
Behavioral task
behavioral1
Sample
cd1c1ef1ce2641a72af51aca4e79f948f3f04ca5d5571f970eb6b51ff8a9f998.ppam
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
cd1c1ef1ce2641a72af51aca4e79f948f3f04ca5d5571f970eb6b51ff8a9f998.ppam
Resource
win10v2004-20240802-en
Malware Config
Extracted
revengerat
NyanCatRevenge
18.228.165.84:3333
788bf014999d4ae8929
Targets
Target
cd1c1ef1ce2641a72af51aca4e79f948f3f04ca5d5571f970eb6b51ff8a9f998.ppam
Score
10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Suspicious use of SetThreadContext