General
Target: 5160f288a2be6fa683d27ea76ce7715dce5ec0ee.bin.zip
Size: 415KB
Sample: 210210-75e4jxgp6j
MD5: d6887acf22e078d2ba9cda49554eab07
SHA1: a28a6c03aa22a8ca70db410f16e37665fe1a4fa2
SHA256: 3f3f5b36936fee100e0197ce6ad9af0ba4cb4486963127059627827555cc158d
SHA512: 16864468bb03330bdf511d63cce77cd774aa6f083d3ebfca466a3c3ba817695c6a16635c848f26007e32d0605b257da1a95ec85fc27779217749c805a4ea4467
Static task
static1

Behavioral task
behavioral1
Sample: 5160f288a2be6fa683d27ea76ce7715dce5ec0ee.bin.exe
Resource: win7v20201028

Behavioral task
behavioral2
Sample: 5160f288a2be6fa683d27ea76ce7715dce5ec0ee.bin.exe
Resource: win10v20201028
Malware Config
Extracted: raccoon
82c29fb2607df8c72696bda3a4882174f045af6c
url4cnc: https://telete.in/mvexaria
Targets
Target: 5160f288a2be6fa683d27ea76ce7715dce5ec0ee.bin
Size: 540KB
MD5: 904cb4a566276ddef1a804f5d90c75ca
SHA1: 0cd747418b7e155b5ee4835e6355e8d992b26e02
SHA256: d546a5bfabebea653ea804e4b01b5843531a7ccbfcd192570e057530046a773e
SHA512: a3683dd16955d2de85d4ddb9a9ea87414e6f2d64fb8557cef0646ea3252507907a4631bec4d80fe1f28c58b23a66b03354483947e94a4f8262a4550cbb1e41a4

- Deletes itself
- Loads dropped DLL
- Reads user/profile data of local email clients
  Email clients store some user data on disk, where infostealers often target it.
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials and similar secrets.
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.