General
-
Target
bbd9760541fb80a439fe1447ff6cdf58.exe
-
Size
422KB
-
Sample
211104-vxkdzshbc3
-
MD5
bbd9760541fb80a439fe1447ff6cdf58
-
SHA1
e40fb8967ab3ecf50d1cf4b52c0124c81b7d86f6
-
SHA256
51785594b835ee188972c80f514ce698ed1262e0628c66df1d9e1ae23d484476
-
SHA512
32ee7bba722eb1cf5b359c8732cc23bd939b146f13d44e2e46505edec5712eeb7e842587911207db302d61ac7b4531735ec39f6d0cb484afda64e24863d84714
Malware Config
Extracted
raccoon
b3ed1d79826001317754d88a62db05820a1ecd19
-
url4cnc
http://teleliver.top/agrybirdsgamerept
http://livetelive.top/agrybirdsgamerept
http://teleger.top/agrybirdsgamerept
http://telestrong.top/agrybirdsgamerept
http://tgrampro.top/agrybirdsgamerept
http://teleghost.top/agrybirdsgamerept
http://teleroom.top/agrybirdsgamerept
http://telemir.top/agrybirdsgamerept
http://teletelo.top/agrybirdsgamerept
https://t.me/agrybirdsgamerept
Targets
-
-
Target
bbd9760541fb80a439fe1447ff6cdf58.exe
-
Size
422KB
-
MD5
bbd9760541fb80a439fe1447ff6cdf58
-
SHA1
e40fb8967ab3ecf50d1cf4b52c0124c81b7d86f6
-
SHA256
51785594b835ee188972c80f514ce698ed1262e0628c66df1d9e1ae23d484476
-
SHA512
32ee7bba722eb1cf5b359c8732cc23bd939b146f13d44e2e46505edec5712eeb7e842587911207db302d61ac7b4531735ec39f6d0cb484afda64e24863d84714
Score10/10-
Raccoon
Simple but powerful infostealer which was very active in 2019.
-
Suspicious use of SetThreadContext
-