General
-
Target
f0675a345759fed3eae6fc51c71b19c4.exe
-
Size
421KB
-
Sample
211104-vxkdzsecbn
-
MD5
f0675a345759fed3eae6fc51c71b19c4
-
SHA1
89911cec0439cb423742d6615f64e13fa3065753
-
SHA256
e040228b7cce711e455d0772d77287448cf14eea496563a3474c69565cc441d3
-
SHA512
465f3076a93540b40e3a9e54c115ac018274658378603226ec534fc5f6e09978cc68d38caa328bc20c46d0069a567bff758b08c6328829378b4704e674a755ea
Malware Config
Extracted
raccoon
b3ed1d79826001317754d88a62db05820a1ecd19
-
url4cnc
http://teleliver.top/agrybirdsgamerept
http://livetelive.top/agrybirdsgamerept
http://teleger.top/agrybirdsgamerept
http://telestrong.top/agrybirdsgamerept
http://tgrampro.top/agrybirdsgamerept
http://teleghost.top/agrybirdsgamerept
http://teleroom.top/agrybirdsgamerept
http://telemir.top/agrybirdsgamerept
http://teletelo.top/agrybirdsgamerept
https://t.me/agrybirdsgamerept
Targets
-
-
Target
f0675a345759fed3eae6fc51c71b19c4.exe
-
Size
421KB
-
MD5
f0675a345759fed3eae6fc51c71b19c4
-
SHA1
89911cec0439cb423742d6615f64e13fa3065753
-
SHA256
e040228b7cce711e455d0772d77287448cf14eea496563a3474c69565cc441d3
-
SHA512
465f3076a93540b40e3a9e54c115ac018274658378603226ec534fc5f6e09978cc68d38caa328bc20c46d0069a567bff758b08c6328829378b4704e674a755ea
Score10/10-
Raccoon
Simple but powerful infostealer which was very active in 2019.
-
Suspicious use of SetThreadContext
-