General
-
Target
7d17a86a5bf1513e56e01d7468be87db
-
Size
497KB
-
Sample
210806-13b7drbvcs
-
MD5
7d17a86a5bf1513e56e01d7468be87db
-
SHA1
5a6d18b801c333a2c93c99aab7e2048f12bb433a
-
SHA256
5b46df5a271c4e35adf1027792e4035301ae87fe4a112f89f507b37522b541be
-
SHA512
51c7896c8595b07688eec3a971f4fb952185eaac7c4c5474b61dc62e6ebfd14abbc89ec7ea1f89ccb334dd8a26cf670c29e143808f2f2767a4a05f48e489c6b0
Static task
static1
Behavioral task
behavioral1
Sample
7d17a86a5bf1513e56e01d7468be87db.exe
Resource
win7v20210408
Behavioral task
behavioral2
Sample
7d17a86a5bf1513e56e01d7468be87db.exe
Resource
win10v20210410
Malware Config
Extracted
raccoon
2ca2376c561d1af7f8b9e6f3256b06220a3db187
-
url4cnc
https://telete.in/johnyes13
Targets
Raccoon Stealer Payload
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-