General
-
Target
6de86cb77ce8e1957189385874803bb7e98dee2b1c96232fe4826a488c650071
-
Size
420KB
-
Sample
211104-mlkavaddfp
-
MD5
2747b4f675736d584c9763f4986b8c65
-
SHA1
e2f61ed42f2a92b33f21574e9eb34a8f11bb6ee9
-
SHA256
6de86cb77ce8e1957189385874803bb7e98dee2b1c96232fe4826a488c650071
-
SHA512
7ae815d55f663a1d22753fe66cef7b0f9819b7106a82ffce5084cf138496e4276f4813a5b30512dbe6140e9b6262cd51011f2c0cba5ede477254d805004acb17
Malware Config
Extracted
raccoon
b3ed1d79826001317754d88a62db05820a1ecd19
-
url4cnc
http://teleliver.top/agrybirdsgamerept
http://livetelive.top/agrybirdsgamerept
http://teleger.top/agrybirdsgamerept
http://telestrong.top/agrybirdsgamerept
http://tgrampro.top/agrybirdsgamerept
http://teleghost.top/agrybirdsgamerept
http://teleroom.top/agrybirdsgamerept
http://telemir.top/agrybirdsgamerept
http://teletelo.top/agrybirdsgamerept
https://t.me/agrybirdsgamerept
Targets
-
-
Target
6de86cb77ce8e1957189385874803bb7e98dee2b1c96232fe4826a488c650071
-
Size
420KB
-
MD5
2747b4f675736d584c9763f4986b8c65
-
SHA1
e2f61ed42f2a92b33f21574e9eb34a8f11bb6ee9
-
SHA256
6de86cb77ce8e1957189385874803bb7e98dee2b1c96232fe4826a488c650071
-
SHA512
7ae815d55f663a1d22753fe66cef7b0f9819b7106a82ffce5084cf138496e4276f4813a5b30512dbe6140e9b6262cd51011f2c0cba5ede477254d805004acb17
Score10/10-
Raccoon
Simple but powerful infostealer which was very active in 2019.
-
Suspicious use of SetThreadContext
-