General
Target: 48441870358.exe
Size: 861KB
Sample: 210322-dv7jgyzz5e
MD5: d955a83fd9673e4cb18f04a5a27dce76
SHA1: f79d286030dee02f9dfe0254b96b2b36f640bc7f
SHA256: aa28c45fdbbb903b0dcfaa9e7ba9461ea02bb3f1dcaa9ace2082e14fdbcda73b
SHA512: 22e8ad2bb11dd76d3d6d61c948fc86119994aaa907d49aaef470be81d12bbd2bf8447063efb6993d50848a4c399d670aad0bdfc78284fb2c1adde626256650e3
Static task: static1
Behavioral task: behavioral1
Sample: 48441870358.exe
Resource: win10v20201028
Malware Config
Extracted
raccoon
c46f13f8aadc028907d65c627fd9163161661f6c
-
url4cnc
https://telete.in/capibar
Targets
-
-
Target
48441870358.exe
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-