General
-
Target
52034ff2764460d5cfb05b45b47d75fbb87c669814509f0699f02dafd869d871
-
Size
555KB
-
Sample
211001-hl5jkabahq
-
MD5
e54a585f8f4a3274802213ce217046ff
-
SHA1
74d9f661f249e37364264d56c8563e2f7a16f953
-
SHA256
52034ff2764460d5cfb05b45b47d75fbb87c669814509f0699f02dafd869d871
-
SHA512
d8fbd68601dcff1dc0a347c862c3e6ef5d71e168a5c1cfd3c89e53c184ecafebbf35e0df208bfd21486b53bd56af28105bbcc74f9b57b8e5bd358e2f7418f39a
Static task
static1
Malware Config
Extracted
raccoon
f6d7183c9e82d2a9b81e6c0608450aa66cefb51f
-
url4cnc
https://t.me/justoprostohello
Targets
suricata: ET MALWARE Win32.Raccoon Stealer CnC Activity (dependency download)
-
suricata: ET MALWARE Win32.Raccoon Stealer Data Exfil Attempt
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-