General
-
Target
93ce0b245ba803cd48dadb27ceaa7435.exe
-
Size
421KB
-
Sample
211104-vwzsaahbb8
-
MD5
93ce0b245ba803cd48dadb27ceaa7435
-
SHA1
20aaacc6b69d84c8709a9a1ad97b61d9ba774ffc
-
SHA256
35405fdecc554572244c745e390644ae713070f0bf81b29b9b54f6a738cb0ea5
-
SHA512
c210b371835023ceac6aff7f4dc470554d62b556df89f712ca92623d05837c6e91e900b8e60d9a20a3a05708feff386882f31ba386e1a405289661924e193574
Malware Config
Extracted
raccoon
b3ed1d79826001317754d88a62db05820a1ecd19
-
url4cnc
http://teleliver.top/agrybirdsgamerept
http://livetelive.top/agrybirdsgamerept
http://teleger.top/agrybirdsgamerept
http://telestrong.top/agrybirdsgamerept
http://tgrampro.top/agrybirdsgamerept
http://teleghost.top/agrybirdsgamerept
http://teleroom.top/agrybirdsgamerept
http://telemir.top/agrybirdsgamerept
http://teletelo.top/agrybirdsgamerept
https://t.me/agrybirdsgamerept
Targets
-
-
Target
93ce0b245ba803cd48dadb27ceaa7435.exe
-
Size
421KB
-
MD5
93ce0b245ba803cd48dadb27ceaa7435
-
SHA1
20aaacc6b69d84c8709a9a1ad97b61d9ba774ffc
-
SHA256
35405fdecc554572244c745e390644ae713070f0bf81b29b9b54f6a738cb0ea5
-
SHA512
c210b371835023ceac6aff7f4dc470554d62b556df89f712ca92623d05837c6e91e900b8e60d9a20a3a05708feff386882f31ba386e1a405289661924e193574
Score10/10-
Raccoon
Simple but powerful infostealer which was very active in 2019.
-
Suspicious use of SetThreadContext
-