General
Target: 5d9672294ebb09c75add6d6c78190429bc90e82b7b3e096598f1ec3374ed0ca8
Size: 587KB
Sample: 211020-wfvztshdf4
MD5: 3806b4d9dcd3f2f825caf10ee614a22d
SHA1: 0a1dba880a465dbc97bbc71dace9eb2be513e36e
SHA256: 5d9672294ebb09c75add6d6c78190429bc90e82b7b3e096598f1ec3374ed0ca8
SHA512: 83803f2a836b29fc8d9c05be06b83e0f0f13cafd305db4f9d63e388bcd11a7b812cb8bec3a6195b987b7bc2e1e151948e9f9ec37e1f16896ca89b992aa7bdc30
Static task: static1
Behavioral task: behavioral1
Sample: 5d9672294ebb09c75add6d6c78190429bc90e82b7b3e096598f1ec3374ed0ca8.exe
Resource: win10-en-20210920
Malware Config
Extracted
raccoon
887a0ffaca448362277f2227182491216b734133
url4cnc
http://telegka.top/jdiamond13
http://telegin.top/jdiamond13
https://t.me/jdiamond13
Targets
Target: 5d9672294ebb09c75add6d6c78190429bc90e82b7b3e096598f1ec3374ed0ca8
Suspicious use of NtCreateProcessExOtherParentProcess