General
-
Target
6f057dd71ebe1f5a1482cd5ee0e3994545196829d07fba3e5341ef5eaea3191a
-
Size
422KB
-
Sample
211104-sf9anseacr
-
MD5
5e7c8ac5d567f7380460e16d3382308b
-
SHA1
8c35cc0fcae2766146af69516fb764bf25a414cf
-
SHA256
6f057dd71ebe1f5a1482cd5ee0e3994545196829d07fba3e5341ef5eaea3191a
-
SHA512
58dd0eea104ce67a4831d9a70c7b0dda58c81c09250976a0339239a9b567959364f37eef44286676db6a289ab704d41d28da4f9b63c55c869bc867c7ced87f25
Malware Config
Extracted
raccoon
b3ed1d79826001317754d88a62db05820a1ecd19
-
url4cnc
http://teleliver.top/agrybirdsgamerept
http://livetelive.top/agrybirdsgamerept
http://teleger.top/agrybirdsgamerept
http://telestrong.top/agrybirdsgamerept
http://tgrampro.top/agrybirdsgamerept
http://teleghost.top/agrybirdsgamerept
http://teleroom.top/agrybirdsgamerept
http://telemir.top/agrybirdsgamerept
http://teletelo.top/agrybirdsgamerept
https://t.me/agrybirdsgamerept
Targets
-
-
Target
6f057dd71ebe1f5a1482cd5ee0e3994545196829d07fba3e5341ef5eaea3191a
-
Size
422KB
-
MD5
5e7c8ac5d567f7380460e16d3382308b
-
SHA1
8c35cc0fcae2766146af69516fb764bf25a414cf
-
SHA256
6f057dd71ebe1f5a1482cd5ee0e3994545196829d07fba3e5341ef5eaea3191a
-
SHA512
58dd0eea104ce67a4831d9a70c7b0dda58c81c09250976a0339239a9b567959364f37eef44286676db6a289ab704d41d28da4f9b63c55c869bc867c7ced87f25
Score10/10-
Raccoon
Simple but powerful infostealer which was very active in 2019.
-
Suspicious use of SetThreadContext
-