Overview

overview

10

Static

static

mixfive_20...00.exe

windows7_x64

10

mixfive_20...00.exe

windows10_x64

10

Analysis

  • max time kernel
    119s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-en-20211208
  • submitted
    08-01-2022 14:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    mixfive_20220108-135000.exe

  • Size

    690KB

  • MD5

    6cf7bee2b585caa258c0d19040baed0c

  • SHA1

    1da155cc868e60f8a522785068bab6e9963a24bf

  • SHA256

    12ff67cb14068738bc7a5a153125c39879dca2ebac56ba4dac98232d5ea60132

  • SHA512

    bc5c77e1b42e27a378d9091640b07cd6607f0450a38099c2a18a8bf47f2efd0d22d5c4d1073620086ca994d77b4053f6c21dc9c1ceb17d9b5491b64a1ff03750

Score
10/10
raccoon10da56e7e71e97bdc1f36eb76813bbc3231de7e4stealer

Malware Config

Extracted

Family

raccoon

Botnet

10da56e7e71e97bdc1f36eb76813bbc3231de7e4

Attributes
  • url4cnc

    http://194.180.174.53/capibar

    http://91.219.236.18/capibar

    http://194.180.174.41/capibar

    http://91.219.236.148/capibar

    https://t.me/capibar

rc4.plain
rc4.plain

Signatures

  • Raccoon

    Simple but powerful infostealer which was very active in 2019.

    stealerraccoon

Processes

  • C:\Users\Admin\AppData\Local\Temp\mixfive_20220108-135000.exe
    "C:\Users\Admin\AppData\Local\Temp\mixfive_20220108-135000.exe"
    1⤵
      PID:1648

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1648-54-0x0000000002BF0000-0x0000000002C63000-memory.dmp
      Filesize

      460KB

      Download
    • memory/1648-55-0x0000000002C70000-0x0000000002D07000-memory.dmp
      Filesize

      604KB

      Download
    • memory/1648-56-0x0000000000400000-0x0000000002BE3000-memory.dmp
      Filesize

      39.9MB

      Download
    • memory/1648-57-0x00000000002BE000-0x000000000031C000-memory.dmp
      Filesize

      376KB

      Download
    • memory/1648-58-0x0000000000400000-0x0000000002BE3000-memory.dmp
      Filesize

      39.9MB

      Download
    • memory/1648-59-0x0000000004520000-0x00000000045B5000-memory.dmp
      Filesize

      596KB

      Download
    • memory/1648-60-0x0000000000400000-0x0000000002BE3000-memory.dmp
      Filesize

      39.9MB

      Download
    • memory/1648-61-0x0000000000400000-0x0000000002BE3000-memory.dmp
      Filesize

      39.9MB

      Download
    • memory/1648-62-0x0000000076001000-0x0000000076003000-memory.dmp
      Filesize

      8KB

      Download
    • memory/1648-63-0x00000000003A0000-0x00000000003F0000-memory.dmp
      Filesize

      320KB

      Download
    • memory/1648-64-0x00000000045C0000-0x0000000004652000-memory.dmp
      Filesize

      584KB

      Download
    • memory/1648-65-0x0000000000400000-0x0000000002BE3000-memory.dmp
      Filesize

      39.9MB

      Download