General
-
Target
http://5.61.33.200/henos.exe
-
Sample
210225-1m7dl96gn2
Static task
static1
URLScan task
urlscan1
Sample
http://5.61.33.200/henos.exe
Behavioral task
behavioral1
Sample
http://5.61.33.200/henos.exe
Resource
win10v20201028
windows10_x64
0 signatures
0 seconds
Malware Config
Extracted
Family
raccoon
Botnet
21caed469b59526d75348692eec1d8ae289ec69c
Attributes
-
url4cnc
https://telete.in/j90maninblack
rc4.plain
rc4.plain
Targets
-
-
Target
http://5.61.33.200/henos.exe
-
Suspicious use of NtCreateProcessExOtherParentProcess
-
Executes dropped EXE
-