General
-
Target
e69cef22b08659aa21819fe5568f546f9c00d8b29850aeb0cab442fb80cc8a34
-
Size
418KB
-
Sample
211104-kncmnsgbd2
-
MD5
a9c3d1e84f863f833a33456b7a7b15f1
-
SHA1
01266e0e793324386b50f938e546a0224f8a7db4
-
SHA256
e69cef22b08659aa21819fe5568f546f9c00d8b29850aeb0cab442fb80cc8a34
-
SHA512
3224b583355a39a8f3e3e786073228ec95c4cc69c6b67855223b16d0b8990012e0d3b8ee8b1c85c70de8bb89b6db216d03aa4789c2e60daf5ed04622846d8836
Malware Config
Extracted
raccoon
b3ed1d79826001317754d88a62db05820a1ecd19
-
url4cnc
http://teleliver.top/agrybirdsgamerept
http://livetelive.top/agrybirdsgamerept
http://teleger.top/agrybirdsgamerept
http://telestrong.top/agrybirdsgamerept
http://tgrampro.top/agrybirdsgamerept
http://teleghost.top/agrybirdsgamerept
http://teleroom.top/agrybirdsgamerept
http://telemir.top/agrybirdsgamerept
http://teletelo.top/agrybirdsgamerept
https://t.me/agrybirdsgamerept
Targets
-
-
Target
e69cef22b08659aa21819fe5568f546f9c00d8b29850aeb0cab442fb80cc8a34
-
Size
418KB
-
MD5
a9c3d1e84f863f833a33456b7a7b15f1
-
SHA1
01266e0e793324386b50f938e546a0224f8a7db4
-
SHA256
e69cef22b08659aa21819fe5568f546f9c00d8b29850aeb0cab442fb80cc8a34
-
SHA512
3224b583355a39a8f3e3e786073228ec95c4cc69c6b67855223b16d0b8990012e0d3b8ee8b1c85c70de8bb89b6db216d03aa4789c2e60daf5ed04622846d8836
Score10/10-
Raccoon
Simple but powerful infostealer which was very active in 2019.
-
Suspicious use of SetThreadContext
-