General
Target: 0b513ed0e3e2921a5ede2d40d8925d43bf5a9e2f07687936b523525ece0f96b6
Size: 495KB
Sample: 210807-zndx8mm882
MD5: 989e585bcd798237932b7e48c66b352c
SHA1: 1e5b34f80f2aee4b4bed858fb5168e0490e75b01
SHA256: 0b513ed0e3e2921a5ede2d40d8925d43bf5a9e2f07687936b523525ece0f96b6
SHA512: a0fff6dc9932d9130577b3c8e25378314bfb5372bf8648331a8ec5b7c0b89f3e69aada14b5097fb87b6789dba7477edd4bd883032d533d54802491b572d17553
Static task
static1
Malware Config
Extracted
raccoon
83fbe81dd43f775dd8af3cd619f88f428fbd9a96
url4cnc: https://telete.in/opa4kiprivatem
Targets
Detected phishing page
Raccoon Stealer Payload
Downloads MZ/PE file
Executes dropped EXE
Drops startup file
Loads dropped DLL
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.