General
Target: 5c69bc614c6092798cecfa808358e97cda7c0ea53f30e1e124cb14b54cf9f1b0
Size: 422KB
Sample: 211207-m4wftsgghk
MD5: c58ab85e86005430cf8b4eb02d203271
SHA1: 2a8c22a93cfaa5b52d70ccba5a86107dd7955673
SHA256: 5c69bc614c6092798cecfa808358e97cda7c0ea53f30e1e124cb14b54cf9f1b0
SHA512: f6d0d607707b7b3b3b390053c16e60627f5f58329d060caa35513fe2af466a25124d3b89a3eb7d59cacecd1a86071788e9a6a1ccd9115a3f516c7327dab6f5ce
Static task: static1
Behavioral task: behavioral1
Sample: 5c69bc614c6092798cecfa808358e97cda7c0ea53f30e1e124cb14b54cf9f1b0.exe
Resource: win10-en-20211104
Malware Config
Extracted
raccoon
1.8.3-hotfix
a2337059abb40b184e621b38e62ace3e1a158d50
url4cnc
Targets
Downloads MZ/PE file
Executes dropped EXE
Legitimate hosting services abused for malware hosting/C2