General
Target: ef0cd7ca55ad803019d2048eda92bfafb2e0fcdef7739d01015e3eb35dd4c07b
Size: 3.8MB
Sample: 211018-ps182seedk
MD5: 668656cd25b7af46075db91e4eeaf9bf
SHA1: a8eb80d6470bf59051359d10822498df6ee8bd36
SHA256: ef0cd7ca55ad803019d2048eda92bfafb2e0fcdef7739d01015e3eb35dd4c07b
SHA512: 26e9b44b81b4d106e9972225717e6f4bfd42f6c77e51d9a8c8e4639a605a3d3e708081b4780d670c906e2ac19854c42504c7cf69728b0ba7655d9379e9da88c9
Static task: static1
Behavioral task: behavioral1
Sample: ef0cd7ca55ad803019d2048eda92bfafb2e0fcdef7739d01015e3eb35dd4c07b.exe
Resource: win10-en-20210920
Malware Config
Extracted
raccoon
cf3e15a8aec8fe7eead8f124a5222c57fad37d42
url4cnc
http://telegatt.top/dodgeneontwinturbo
http://telegka.top/dodgeneontwinturbo
http://telegin.top/dodgeneontwinturbo
https://t.me/dodgeneontwinturbo
Targets
Target: ef0cd7ca55ad803019d2048eda92bfafb2e0fcdef7739d01015e3eb35dd4c07b
Suspicious use of NtCreateProcessExOtherParentProcess