General
-
Target
7d0497c05e8d919fec5641334cbfd638b10e23674e04abbd71df4556917861d2.ppam
-
Size
27KB
-
Sample
240828-smwcdsvgmn
-
MD5
c3313364d3a12339eb5f77410bb0a31a
-
SHA1
a496f4f079f45ccef67715a51a2ad8185fee9ce3
-
SHA256
7d0497c05e8d919fec5641334cbfd638b10e23674e04abbd71df4556917861d2
-
SHA512
2337e7996a67a60c8ba679167a20bccb82a334eaf88d85e5dc7486125809acbebf6772ff1cf439a95cb01c0afa5d460b804fe3cc3174f76305b3cde946bddd2c
-
SSDEEP
768:VPc2teKCz5J61JLDgJOabcssG8bKR8QJTkM5xRh:VO36XL9abcskE5x/
Static task
static1
Behavioral task
behavioral1
Sample
7d0497c05e8d919fec5641334cbfd638b10e23674e04abbd71df4556917861d2.ppam
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
7d0497c05e8d919fec5641334cbfd638b10e23674e04abbd71df4556917861d2.ppam
Resource
win10v2004-20240802-en
Malware Config
Extracted
revengerat
NyanCatRevenge
18.228.165.84:3333
788bf014999d4ae8929
Targets
-
-
Target
7d0497c05e8d919fec5641334cbfd638b10e23674e04abbd71df4556917861d2.ppam
-
Size
27KB
-
MD5
c3313364d3a12339eb5f77410bb0a31a
-
SHA1
a496f4f079f45ccef67715a51a2ad8185fee9ce3
-
SHA256
7d0497c05e8d919fec5641334cbfd638b10e23674e04abbd71df4556917861d2
-
SHA512
2337e7996a67a60c8ba679167a20bccb82a334eaf88d85e5dc7486125809acbebf6772ff1cf439a95cb01c0afa5d460b804fe3cc3174f76305b3cde946bddd2c
-
SSDEEP
768:VPc2teKCz5J61JLDgJOabcssG8bKR8QJTkM5xRh:VO36XL9abcskE5x/
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Suspicious use of SetThreadContext
-