General
-
Target
7c50d02d53ebe63ab4729313754a3edd9e59c4a4aa98c29bc3a77dcc9433eb17
-
Size
570KB
-
Sample
211203-x8vp7scbf6
-
MD5
daabb970ee354de7815aaae6a885d224
-
SHA1
f4e646ea707217f2bfd6df68fa231164642a9196
-
SHA256
7c50d02d53ebe63ab4729313754a3edd9e59c4a4aa98c29bc3a77dcc9433eb17
-
SHA512
b12738020d552f7e986ce68074fe6d3c757d324331a950dfe1a83630c28fe96fb835f485f4a646ba9101d568dc31bc0e63f9319c1be997ca5ea98d9aa95f21db
Static task
static1
Behavioral task
behavioral1
Sample
7c50d02d53ebe63ab4729313754a3edd9e59c4a4aa98c29bc3a77dcc9433eb17.exe
Resource
win10-en-20211104
Malware Config
Extracted
raccoon
1.8.3-hotfix
049dc5184bb65eb56e4e860bf61427e2a0fcba1e
-
url4cnc
http://185.225.19.18/duglassa1
http://91.219.237.227/duglassa1
https://t.me/duglassa1
Targets
-
-
Target
7c50d02d53ebe63ab4729313754a3edd9e59c4a4aa98c29bc3a77dcc9433eb17
-
Size
570KB
-
MD5
daabb970ee354de7815aaae6a885d224
-
SHA1
f4e646ea707217f2bfd6df68fa231164642a9196
-
SHA256
7c50d02d53ebe63ab4729313754a3edd9e59c4a4aa98c29bc3a77dcc9433eb17
-
SHA512
b12738020d552f7e986ce68074fe6d3c757d324331a950dfe1a83630c28fe96fb835f485f4a646ba9101d568dc31bc0e63f9319c1be997ca5ea98d9aa95f21db
-
Suspicious use of NtCreateProcessExOtherParentProcess
-