General
-
Target
70d0690f7740be76d6c2b2f62ee5cbbe594337cda04254df881915c4f834dbfc
-
Size
419KB
-
Sample
210926-wembasfbak
-
MD5
b319a4d72642ec73604e47eb1127ca56
-
SHA1
8dc84d2c7b525d7b86c2cf15b70f7bf250795d19
-
SHA256
70d0690f7740be76d6c2b2f62ee5cbbe594337cda04254df881915c4f834dbfc
-
SHA512
f55370177d5950505180e6b8e0934b0957567c329292c8ac31683dfb23bec7f6e545a365c72ef9d220c9f72b24d9aa40f8da06ee4b651dfea30f32e3d005b64d
Static task
static1
Malware Config
Extracted
raccoon
f6d7183c9e82d2a9b81e6c0608450aa66cefb51f
-
url4cnc
https://t.me/justoprostohello
Targets
-
Target
70d0690f7740be76d6c2b2f62ee5cbbe594337cda04254df881915c4f834dbfc
-
suricata: ET MALWARE Win32.Raccoon Stealer CnC Activity (dependency download)
-
suricata: ET MALWARE Win32.Raccoon Stealer Data Exfil Attempt
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-