General
Target: 648d4377805a064953a5f314f4038071a4d50fe85088e75c59136aa2a3d8c864
Size: 502KB
Sample: 211109-l16a7abhfn
MD5: 0d049647c9597b5b0da270664071e355
SHA1: 2d77bda64ccc1b6839af0d377fcc62e332ed61df
SHA256: 648d4377805a064953a5f314f4038071a4d50fe85088e75c59136aa2a3d8c864
SHA512: 16f1ef576a3f9137c6c40b678ef6d7a82540717ffdbac342a9d90b9847ebfa305e0ff2ee7a375ceaee1225e661ac62319e4e34bc3d08452af7ebca65e947eaf3
Static task: static1
Behavioral task: behavioral1
Sample: 648d4377805a064953a5f314f4038071a4d50fe85088e75c59136aa2a3d8c864.exe
Resource: win10-en-20211014
Malware Config
Extracted
raccoon
1.8.3-hotfix
fcdc156d3872c18d25e3ee45499599b45e492a67
url4cnc
Targets
Target: 648d4377805a064953a5f314f4038071a4d50fe85088e75c59136aa2a3d8c864
Suspicious use of NtCreateProcessExOtherParentProcess