General
-
Target
7db5ca28967fe3a467c57d43eebfbc389385d2592006c1e5b0a5be85d11f744d
-
Size
512KB
-
Sample
211021-gcwdvshgh9
-
MD5
4b1c2fe9b59627db8a0154bd5379e733
-
SHA1
aaa8c44d8b1124757054d14a538845c18fe9d261
-
SHA256
7db5ca28967fe3a467c57d43eebfbc389385d2592006c1e5b0a5be85d11f744d
-
SHA512
6ea0370217ccb930c98589c48e2e4874024c25861109730c6ced3e567dae985381c0659b2d3d3b23c3d58c8cc2ecbec485383d07b8004b3ee18a63a5ae9d7145
Static task
static1
Behavioral task
behavioral1
Sample
7db5ca28967fe3a467c57d43eebfbc389385d2592006c1e5b0a5be85d11f744d.exe
Resource
win10-en-20211014
Malware Config
Extracted
raccoon
887a0ffaca448362277f2227182491216b734133
-
url4cnc
http://telegka.top/jdiamond13
http://telegin.top/jdiamond13
https://t.me/jdiamond13
Targets
-
Suspicious use of NtCreateProcessExOtherParentProcess
-