General
-
Target
6BB2444563F03F98BCBB81453AF4E8C0.exe
-
Size
537KB
-
Sample
210805-kmm665g9ze
-
MD5
6bb2444563f03f98bcbb81453af4e8c0
-
SHA1
97f7d6c15d2a1cd34d32e6d6106fcf5e8a0515ed
-
SHA256
af1beafe8b2042586f291bd09192e420349c87bfaf48233c9ae5ceae4b19df4d
-
SHA512
dbf81f69c4e9086cf6da8e83f3f32346e44a590d4c037c02c83a5e3af2f666dec0a00a4eb296c90d54a4231b8060b76cf26147f4bb78b6e04d6009c77082be36
Static task
static1
Behavioral task
behavioral1
Sample
6BB2444563F03F98BCBB81453AF4E8C0.exe
Resource
win7v20210408
Behavioral task
behavioral2
Sample
6BB2444563F03F98BCBB81453AF4E8C0.exe
Resource
win10v20210410
Malware Config
Extracted
raccoon
92be0387873e54dd629b9bfa972c3a9a88e6726c
-
url4cnc
https://t.me/gishsunsetman
Targets
-
-
Target
6BB2444563F03F98BCBB81453AF4E8C0.exe
-
Raccoon Stealer Payload
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-