General
Target: 5067c1f81ab160e5413c60342f7c753945992a327a3b394b8f8c331cf83563b5
Size: 512KB
Sample: 211021-avc7nshfh2
MD5: 61d42f5881cfe3a2d2d16d1d4a753d2a
SHA1: 64ee44562372947ddbb5fd66701908ab410d60ac
SHA256: 5067c1f81ab160e5413c60342f7c753945992a327a3b394b8f8c331cf83563b5
SHA512: d5e8f79256a663a1a81c35ba1027b900bec359dbcdb9fc3f801680904e210ce62ab7453ba3eeedb0a0c824a0c4f3f7d787ce8bbe2c4430d1cd10c228084e6037
Static task: static1
Behavioral task: behavioral1
Sample: 5067c1f81ab160e5413c60342f7c753945992a327a3b394b8f8c331cf83563b5.exe
Resource: win10-en-20210920
Malware Config
Extracted
raccoon
887a0ffaca448362277f2227182491216b734133
url4cnc
http://telegka.top/jdiamond13
http://telegin.top/jdiamond13
https://t.me/jdiamond13
Targets
Target: 5067c1f81ab160e5413c60342f7c753945992a327a3b394b8f8c331cf83563b5
Suspicious use of NtCreateProcessExOtherParentProcess