Analysis
-
max time kernel
120s -
max time network
120s -
platform
windows7_x64 -
resource
win7-en-20211104 -
submitted
08-12-2021 09:56
General
-
Target
37277505c9c29a553b922916789287d97ec515d25dc2c.exe
-
Size
522KB
-
MD5
0af95d4534f76e1f817f8fdfbb72457f
-
SHA1
8995c4919b29f929f40881ede42fc351b63e39e6
-
SHA256
37277505c9c29a553b922916789287d97ec515d25dc2cb499ded717347efac9c
-
SHA512
e6026be9187b83e2c1685a62cf88c975c65bbc7476130051eb91d228fcaf8600922fafe99de09ecbc23744fc478dcdb42cf28492676317616c82dd7760ae3490
Score
10/10
Malware Config
Extracted
Family
raccoon
Version
1.8.3-hotfix
Botnet
fd4f23250443a724a3d1548e6ab07c481dfc2814
Attributes
-
url4cnc
http://91.219.236.27/duglassa1
http://94.158.245.167/duglassa1
http://185.163.204.216/duglassa1
http://185.225.19.238/duglassa1
http://185.163.204.218/duglassa1
https://t.me/duglassa1
rc4.plain
rc4.plain
Signatures
-
Raccoon
Simple but powerful infostealer which was very active in 2019.
Processes
-
C:\Users\Admin\AppData\Local\Temp\37277505c9c29a553b922916789287d97ec515d25dc2c.exe"C:\Users\Admin\AppData\Local\Temp\37277505c9c29a553b922916789287d97ec515d25dc2c.exe"1⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/1592-55-0x0000000075491000-0x0000000075493000-memory.dmpFilesize
8KB
-
memory/1592-57-0x0000000002C30000-0x0000000002CBF000-memory.dmpFilesize
572KB
-
memory/1592-56-0x00000000001B0000-0x00000000001FF000-memory.dmpFilesize
316KB
-
memory/1592-58-0x0000000000400000-0x0000000002BBD000-memory.dmpFilesize
39.7MB