Analysis
-
max time kernel
145s -
max time network
148s -
platform
windows10_x64 -
resource
win10-en-20211014 -
submitted
04-12-2021 22:20
General
-
Target
e0dc9892401f354cc3ca63c1e6e66b2fd93a804b3ea09bd348d8f55859847022.exe
-
Size
553KB
-
MD5
807675ef43da7eabb62795d7c02f7078
-
SHA1
e644406057ee1688e309be8cb0a143e5c6e9f5f9
-
SHA256
e0dc9892401f354cc3ca63c1e6e66b2fd93a804b3ea09bd348d8f55859847022
-
SHA512
e2de12aa9733a05bbcf6f7af66dadcfd99923abc7aebd27586f05f9754cf0dbf334e08c3255744e7b01f35a393c4a6a6f8a54e3d6fe85bdc46db47cea56f8b7a
Score
10/10
Malware Config
Extracted
Family
raccoon
Version
1.8.3-hotfix
Botnet
a1fcef6b211f7efaa652483b438c193569359f50
Attributes
-
url4cnc
http://94.158.245.137/duglassa1
http://91.219.236.27/duglassa1
http://94.158.245.167/duglassa1
http://185.163.204.216/duglassa1
http://185.225.19.238/duglassa1
http://185.163.204.218/duglassa1
https://t.me/duglassa1
rc4.plain
rc4.plain
Signatures
-
Raccoon
Simple but powerful infostealer which was very active in 2019.
Processes
-
C:\Users\Admin\AppData\Local\Temp\e0dc9892401f354cc3ca63c1e6e66b2fd93a804b3ea09bd348d8f55859847022.exe"C:\Users\Admin\AppData\Local\Temp\e0dc9892401f354cc3ca63c1e6e66b2fd93a804b3ea09bd348d8f55859847022.exe"1⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/2304-115-0x0000000000609000-0x0000000000659000-memory.dmpFilesize
320KB
-
memory/2304-116-0x0000000002240000-0x00000000022CF000-memory.dmpFilesize
572KB
-
memory/2304-117-0x0000000000400000-0x0000000000491000-memory.dmpFilesize
580KB