General
-
Target
0347dfd075cb14d0381d308d86b4c0538029babc470e0ba4e6b036c47aa47e7e
-
Size
421KB
-
Sample
211104-nb6lrsdehm
-
MD5
cac7e11a6deb07701f5c87d07affcca2
-
SHA1
789a9d70281d70a50e0452d85cb3cb2329ea5254
-
SHA256
0347dfd075cb14d0381d308d86b4c0538029babc470e0ba4e6b036c47aa47e7e
-
SHA512
3349ffa7747d612c698619dd7b385805f843998f05ed513a7b4f0510633fe4a930fa21022aa616e6a7a3dba0c844c9cb28f9b7ccfb879a75465b7ea6432754a5
Malware Config
Extracted
raccoon
b3ed1d79826001317754d88a62db05820a1ecd19
-
url4cnc
http://teleliver.top/agrybirdsgamerept
http://livetelive.top/agrybirdsgamerept
http://teleger.top/agrybirdsgamerept
http://telestrong.top/agrybirdsgamerept
http://tgrampro.top/agrybirdsgamerept
http://teleghost.top/agrybirdsgamerept
http://teleroom.top/agrybirdsgamerept
http://telemir.top/agrybirdsgamerept
http://teletelo.top/agrybirdsgamerept
https://t.me/agrybirdsgamerept
Targets
-
-
Target
0347dfd075cb14d0381d308d86b4c0538029babc470e0ba4e6b036c47aa47e7e
-
Size
421KB
-
MD5
cac7e11a6deb07701f5c87d07affcca2
-
SHA1
789a9d70281d70a50e0452d85cb3cb2329ea5254
-
SHA256
0347dfd075cb14d0381d308d86b4c0538029babc470e0ba4e6b036c47aa47e7e
-
SHA512
3349ffa7747d612c698619dd7b385805f843998f05ed513a7b4f0510633fe4a930fa21022aa616e6a7a3dba0c844c9cb28f9b7ccfb879a75465b7ea6432754a5
Score10/10-
Raccoon
Simple but powerful infostealer which was very active in 2019.
-
Suspicious use of SetThreadContext
-