General
-
Target
keygen-step-2.exe
-
Size
246KB
-
Sample
210413-p5gyvrqwxe
-
MD5
60290ece1dd50638640f092e9c992fd9
-
SHA1
ed4c19916228dbbe3b48359a1da2bc2c78a0a162
-
SHA256
b2df7da266e778e98107f64e0155071ac9e07ded4f556c7d7a3071dd5fbf5e06
-
SHA512
928a2a951bb778b0d0a7ac681f66569bc9b707faf3878bf5f87b5b0ab117e34f6b846a5247bbb7aa2a086ecac8882b528a44be809e0900e177dae4b546dd32a4
Static task
static1
Behavioral task
behavioral1
Sample
keygen-step-2.exe
Resource
win10v20210408
Behavioral task
behavioral2
Sample
keygen-step-2.exe
Resource
win10v20210410
Malware Config
Extracted
raccoon
a6bfe7e504db71e25642b830fd9b2c4366cf882a
-
url4cnc
https://telete.in/j90dadarobin
Targets
Target
keygen-step-2.exe
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Legitimate hosting services abused for malware hosting/C2