General
-
Target
cfc3768cbc19e72ee4d54a18f6700e7f3fda452a901d3c1dae68ae4880edaf7d
-
Size
534KB
-
Sample
211108-n6efrshbel
-
MD5
e2cbdf74ff9c8f936a4fb8c6b2a956fa
-
SHA1
7198d953db35dd67aaf70782a42029c1586fb5a8
-
SHA256
cfc3768cbc19e72ee4d54a18f6700e7f3fda452a901d3c1dae68ae4880edaf7d
-
SHA512
ebf4a320a38757e3a659575b489113f15c854a53d25ac10c235b58cd1e2c7cbdf96f51a0761aaccc1d209fbde1f1b641c643e032c5f05ffcb4f15917441f1b9d
Static task
static1
Behavioral task
behavioral1
Sample
cfc3768cbc19e72ee4d54a18f6700e7f3fda452a901d3c1dae68ae4880edaf7d.exe
Resource
win10-en-20211104
Malware Config
Extracted
raccoon
1.8.3-hotfix
fcdc156d3872c18d25e3ee45499599b45e492a67
-
url4cnc
Targets
-
Suspicious use of NtCreateProcessExOtherParentProcess
-