General
Target: 65ecbb1c38b4ac891d8a90870e115398.exe
Size: 591KB
Sample: 211107-kkaznshgh6
MD5: 65ecbb1c38b4ac891d8a90870e115398
SHA1: 78e3f1782d238b6375224a3ce7793b1cb08a95d4
SHA256: 58c1b22873a1eab4f8a7cc5a26085a2968637eaa3f22e7cbe8032ad6f25bbd38
SHA512: a95b0ccaecdf007c4590efde4e56ec4e65b8d900e2070726393b912f4ef37b3761a641e7c85dfe8a9698f1bf9864afc8613d956e14414d5a0c78c00aa17a7dd9
Static task: static1
Behavioral task: behavioral1
Sample: 65ecbb1c38b4ac891d8a90870e115398.exe
Resource: win7-en-20211014
Behavioral task: behavioral2
Sample: 65ecbb1c38b4ac891d8a90870e115398.exe
Resource: win10-en-20211104
Malware Config
Extracted
raccoon
1.8.3
a741159db87f9df2b687764994c63c4c859ea476
url4cnc
Targets
Target
65ecbb1c38b4ac891d8a90870e115398.exe
Suspicious use of NtCreateProcessExOtherParentProcess