General
-
Target
56cbf8ba6f89d388203afbd7568d982c808aab8a86f5992b11227ef03e7fefba
-
Size
512KB
-
Sample
211021-zmqv8saga8
-
MD5
44e4f96ebb2f28bda5d7163d7b0b4dfd
-
SHA1
61016641d03cb0110a34cc3112445b8189fbaf25
-
SHA256
56cbf8ba6f89d388203afbd7568d982c808aab8a86f5992b11227ef03e7fefba
-
SHA512
e398ff1d3c578cdd9119fe76ea7111aa1c69425feb55adbf9a0d23ffa542f40c65bac2191d2b50d5faadec1f468a69339d6867b9324e7aa8469f1a715fa5c4cf
Static task
static1
Behavioral task
behavioral1
Sample
56cbf8ba6f89d388203afbd7568d982c808aab8a86f5992b11227ef03e7fefba.exe
Resource
win10-en-20210920
Malware Config
Extracted
raccoon
887a0ffaca448362277f2227182491216b734133
-
url4cnc
http://telegka.top/jdiamond13
http://telegin.top/jdiamond13
https://t.me/jdiamond13
Targets
-
-
Target
56cbf8ba6f89d388203afbd7568d982c808aab8a86f5992b11227ef03e7fefba
-
Suspicious use of NtCreateProcessExOtherParentProcess