General
Target: d36a08c340cf92a38609b94b4f3f9dd6f5cdc0f018cb5c8798f942ce1df4b8b2-20210419-112337
Size: 1MB
Sample: 210420-ty7pxbh3cx
MD5: ad68cfb03cc87af60feaedf9e7122980
SHA1: 49746e3cf5a7907f429abebbdc417052ab2426bb
SHA256: d36a08c340cf92a38609b94b4f3f9dd6f5cdc0f018cb5c8798f942ce1df4b8b2
SHA512: 6774a8dc74dc8428dcb8d833e8103dada91fbb153e2fa34bc60b7cf64d501d76ebf9d64059e35d1f3fdd3229acc9e7dfc4a8ef2200fd0573461320cd6c77dfa5
Static task: static1
Behavioral task: behavioral1
Sample: d36a08c340cf92a38609b94b4f3f9dd6f5cdc0f018cb5c8798f942ce1df4b8b2-20210419-112337.exe
Resource: win7v20210408
Behavioral task: behavioral2
Sample: d36a08c340cf92a38609b94b4f3f9dd6f5cdc0f018cb5c8798f942ce1df4b8b2-20210419-112337.exe
Resource: win10v20210408
Malware Config
Extracted: raccoon
de84b23617fda0c917000bc959811a50e6ff9a22
url4cnc: https://telete.in/h_fom085_1
Targets
- Deletes itself
- Loads dropped DLL
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext