General
-
Target
n4mz9.bin.zip
-
Size
425KB
-
Sample
210613-1wrewwtgka
-
MD5
13699f2258ca98a65c33d3deee8527e0
-
SHA1
227ab157e198eb2bceb12cd1284daa9eac5341ba
-
SHA256
0874b7df3c63fecb16e26a364eae32c57df4eab56827c19e3ee85e4ec6eefcf5
-
SHA512
3221f1bb3f65245ee98306caf25b851e9fa19d8b2cea061d4d575ba1348df4a637b3906e525a8242390c832ce65b34d607b8a4293a2e3f4ccad4428ae5623a05
Static task
static1
Behavioral task
behavioral1
Sample
n4mz9.bin.exe
Resource
win7v20210410
Behavioral task
behavioral2
Sample
n4mz9.bin.exe
Resource
win10v20210408
Malware Config
Extracted
raccoon
3d7990f080e9dcb56104447e3789dec4380efc8b
-
url4cnc
https://telete.in/jvadikkamushkin
Targets
-
-
Target
n4mz9.bin
-
Size
568KB
-
MD5
bf158ee84ed8e768d8a850c7a710fe09
-
SHA1
0c86e66bc4c7f79073d555c02357e97782bdfa12
-
SHA256
b901aeaa6debaac5dff3a08c034667f4498419f38f659348360cc8177f9106c1
-
SHA512
7f6d2f6a2fdc58dd5b48b7386c96130ea1948f4381a84ba2267b9998604c472658a8bc93cad600e0f41713d5db89848bcd61bad40dec88b393ae19f3d6303ba2
-
Downloads MZ/PE file
-
Deletes itself
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-