General
-
Target
6f930339242cf55f87b545fd29f8faf6b84f5828aac0322defd57f03aa7cf132
-
Size
570KB
-
Sample
211203-1drlvacch7
-
MD5
4c8b66d361835c2d9ea8c230e90662dd
-
SHA1
3fae7d1577820b1fc0559510bad83c9d6c63323a
-
SHA256
6f930339242cf55f87b545fd29f8faf6b84f5828aac0322defd57f03aa7cf132
-
SHA512
211b0518d29da64837d2f996f2cbb6befd8c93944a8a00d8a08675d0aec4369e447ffb7ff1d04deca77cc0e2c2c3c4f18d5e002deca998353f144aa8695d0147
Static task
static1
Behavioral task
behavioral1
Sample
6f930339242cf55f87b545fd29f8faf6b84f5828aac0322defd57f03aa7cf132.exe
Resource
win10-en-20211104
Malware Config
Extracted
raccoon
1.8.3-hotfix
049dc5184bb65eb56e4e860bf61427e2a0fcba1e
-
url4cnc
http://185.225.19.18/duglassa1
http://91.219.237.227/duglassa1
https://t.me/duglassa1
Targets
-
-
Target
6f930339242cf55f87b545fd29f8faf6b84f5828aac0322defd57f03aa7cf132
-
Suspicious use of NtCreateProcessExOtherParentProcess
-