Description
Simple but powerful infostealer which was very active in 2019.
mixsix_20211029-001408
General
Target
Size
Sample
mixsix_20211029-001408
648KB
211028-16ykvshaek
Score
10 /10
MD5
SHA1
SHA256
SHA512
fca8bb3b8d137449cba1fbf406e0d1eb
8b2a7d56695e4aea122e37b3a5a371a16cfa5c2d
249153197eafedc3426d55f6a12fbe041acb4527bc8c31f007ea1798d30df7b9
71c04d60d49ce9ed3314752171b6b9ca102cf80dc113b9af56a2be2b6fd790b83a890b95319ec701444a0b41fb644299d0e5b4a84f86c7cb37411eb95e20eb90
Malware Config
Extracted
| Family | raccoon |
| Botnet | 7c9b4504a63ed23664e38808e65948379b790395 |
| Attributes |
url4cnc http://telegka.top/capibar http://telegin.top/capibar https://t.me/capibar |
| rc4.plain |
|
| rc4.plain |
|
Targets
Target
MD5
Filesize
mixsix_20211029-001408
fca8bb3b8d137449cba1fbf406e0d1eb
648KB
Score
10/10
SHA1
SHA256
SHA512
8b2a7d56695e4aea122e37b3a5a371a16cfa5c2d
249153197eafedc3426d55f6a12fbe041acb4527bc8c31f007ea1798d30df7b9
71c04d60d49ce9ed3314752171b6b9ca102cf80dc113b9af56a2be2b6fd790b83a890b95319ec701444a0b41fb644299d0e5b4a84f86c7cb37411eb95e20eb90
Tags
Signatures
-
Raccoon
-
Suspicious use of NtCreateProcessExOtherParentProcess
-
Suspicious use of SetThreadContext
Related Tasks
MITRE ATT&CK Matrix
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Tasks