General
Target: SecuriteInfo.com.Trojan.GenericKD.46113648.15223.2651
Size: 1.1MB
Sample: 210421-n58bxdswzj
MD5: 8b2e4d58d048020e58093528059f0cd4
SHA1: d3338e7f1607a32b7f4fe25055ad975a830157ac
SHA256: c082ed88815d66ea1bf11f905d15a39faa502d4b458a15cf31d5cd5e7bc7156e
SHA512: 0a28829da290734f33ee9678908fd4e0dad963001d06ea8bc315db45ab7c4bfef72f0a9967d5eeed69dcc00f75f4e193c578ee3eded67c746c6014a3beafb41b
Static task: static1
Behavioral task: behavioral1
  Sample: SecuriteInfo.com.Trojan.GenericKD.46113648.15223.2651.exe
  Resource: win7v20210410
Behavioral task: behavioral2
  Sample: SecuriteInfo.com.Trojan.GenericKD.46113648.15223.2651.exe
  Resource: win10v20210408
Malware Config
Extracted: raccoon
ff6a6d1e906b1f4b9e9440de61b268a94c35bbac
url4cnc: https://tttttt.me/j99optiktok
Targets
Target: SecuriteInfo.com.Trojan.GenericKD.46113648.15223.2651
Size: 1.1MB
MD5: 8b2e4d58d048020e58093528059f0cd4
SHA1: d3338e7f1607a32b7f4fe25055ad975a830157ac
SHA256: c082ed88815d66ea1bf11f905d15a39faa502d4b458a15cf31d5cd5e7bc7156e
SHA512: 0a28829da290734f33ee9678908fd4e0dad963001d06ea8bc315db45ab7c4bfef72f0a9967d5eeed69dcc00f75f4e193c578ee3eded67c746c6014a3beafb41b

Downloads MZ/PE file
Deletes itself
Loads dropped DLL
Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
Suspicious use of SetThreadContext