General
-
Target
55da799f20ed9469858a6834bdbbb3b3.exe
-
Size
421KB
-
Sample
211104-vwzsaahbb7
-
MD5
55da799f20ed9469858a6834bdbbb3b3
-
SHA1
e0bb4cdbf14e832bf91a5e412ccc2827b760eaab
-
SHA256
a972fe56cf0c891775ab81e23a90e553956c06623350fc91d4e7cdce3dfd3170
-
SHA512
db069fdd3898629f0bf82a2b7fc4a2aa9b705279374774c89c8c91c1a5c6b823996c2a1e66d4cf5fecf72f31f9d981497d756df599369dc6d61226876b06aebd
Malware Config
Extracted
raccoon
b3ed1d79826001317754d88a62db05820a1ecd19
-
url4cnc
http://teleliver.top/agrybirdsgamerept
http://livetelive.top/agrybirdsgamerept
http://teleger.top/agrybirdsgamerept
http://telestrong.top/agrybirdsgamerept
http://tgrampro.top/agrybirdsgamerept
http://teleghost.top/agrybirdsgamerept
http://teleroom.top/agrybirdsgamerept
http://telemir.top/agrybirdsgamerept
http://teletelo.top/agrybirdsgamerept
https://t.me/agrybirdsgamerept
Targets
-
-
Target
55da799f20ed9469858a6834bdbbb3b3.exe
-
Size
421KB
-
MD5
55da799f20ed9469858a6834bdbbb3b3
-
SHA1
e0bb4cdbf14e832bf91a5e412ccc2827b760eaab
-
SHA256
a972fe56cf0c891775ab81e23a90e553956c06623350fc91d4e7cdce3dfd3170
-
SHA512
db069fdd3898629f0bf82a2b7fc4a2aa9b705279374774c89c8c91c1a5c6b823996c2a1e66d4cf5fecf72f31f9d981497d756df599369dc6d61226876b06aebd
Score10/10-
Raccoon
Simple but powerful infostealer which was very active in 2019.
-
Suspicious use of SetThreadContext
-