General
Target: 5707DDADA5B7EA6BEF434CD294FA12E1.exe
Size: 1.3MB
Sample: 210815-9ha784hdpe
MD5: 5707ddada5b7ea6bef434cd294fa12e1
SHA1: 45bb285a597b30e100ed4b15d96a29d718697e5e
SHA256: 85205aa3ad824b5172d5da841d253c3a54aff5d00eb2c208029e9453008f132c
SHA512: 91cbdbf8da7e4e34de45a99359bdc321a66d6646ed14a1042346824c8daa6237281eff3b00fd162009c5e3204e5a7cd3b944f05e18b7f9066d0f9dd16b56bf13
Static task: static1
Behavioral task: behavioral1
Sample: 5707DDADA5B7EA6BEF434CD294FA12E1.exe
Resource: win7v20210410
Behavioral task: behavioral2
Sample: 5707DDADA5B7EA6BEF434CD294FA12E1.exe
Resource: win10v20210408
Malware Config
Extracted
raccoon
471c70de3b4f9e4d493e418d1f60a90659057de0
url4cnc: https://telete.in/p1rosto100xx
Targets
Target
5707DDADA5B7EA6BEF434CD294FA12E1.exe
- Raccoon Stealer Payload
- Downloads MZ/PE file
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext