General
Target: a168b5b542d041a874bcdc7261236297.exe
Size: 518KB
Sample: 210731-56f2dpv4v6
MD5: a168b5b542d041a874bcdc7261236297
SHA1: 1b8a5e4844e304e5922765263f650ba8266a2e33
SHA256: 4afb5969afd2c92b331d1fef3412103b6fa4d1ab3f386b9cf505b694038790bc
SHA512: 1fd7073cb448f2e37e50faf8fcbf16bf31c2bcbb63eeffe13c57e3a1861061689bc65cc51fc40073dcf86b749f27a0ad3823b1fbba33b5ccaad8df22543b62b9
Static task: static1
Behavioral task: behavioral1
  Sample: a168b5b542d041a874bcdc7261236297.exe
  Resource: win7v20210410
Behavioral task: behavioral2
  Sample: a168b5b542d041a874bcdc7261236297.exe
  Resource: win10v20210408
Malware Config
Extracted
raccoon
8698be2e7e5a4e7e4dc8cd71c3845a10c60398c6
url4cnc: https://telete.in/youyouhell0world
Targets
Target
a168b5b542d041a874bcdc7261236297.exe
Raccoon Stealer Payload
Downloads MZ/PE file
Deletes itself
Loads dropped DLL
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.