General
Target: abea1dc63f9419bc504c6b38efc140dbd5da184da785cc128c45f39722d50744
Size: 513KB
Sample: 211021-1xfzfsbgcl
MD5: 94b576115c7f0fe5c3aed538b6258694
SHA1: d8e7fd08729ae71d477bb70bca2641dbb519799f
SHA256: abea1dc63f9419bc504c6b38efc140dbd5da184da785cc128c45f39722d50744
SHA512: a27afd390b8a9ce84d558037f05a3b73edc37657f5df63522e44c851d42f77aa373b52dfc9ceda2cc3a054ebf3cec2d8dda1da69d429d9d6f7f9d81c0e623d99
Static task: static1
Behavioral task: behavioral1
Sample: abea1dc63f9419bc504c6b38efc140dbd5da184da785cc128c45f39722d50744.exe
Resource: win10-en-20210920
Malware Config
Extracted
raccoon
7ebf9b416b72a203df65383eec899dc689d2c3d7
url4cnc
http://telegatt.top/agrybirdsgamerept
http://telegka.top/agrybirdsgamerept
http://telegin.top/agrybirdsgamerept
https://t.me/agrybirdsgamerept
Targets
Target: abea1dc63f9419bc504c6b38efc140dbd5da184da785cc128c45f39722d50744
Suspicious use of NtCreateProcessExOtherParentProcess