General
Target: dc14553bed2ff0c430fe14d03b904142.exe
Size: 33KB
Sample: 220114-k7cf1sfegq
MD5: dc14553bed2ff0c430fe14d03b904142
SHA1: 32ddd246599f8715ac34cc167fa8f210b4e7c7f9
SHA256: 65e2e0704a22d1a0f3d5453c2e9ac551a839af68415958ef0c03e44d1a82829d
SHA512: 69deb6c3a3a2d5a889e16cfd0a282df279ea0b8f46bd880dff392aefee437842fedce8b1330de81fad4aaa73d0c1e2237f0520a66ca3fe741c714e5715bc8b21
Static task: static1
Behavioral task: behavioral1
Sample: dc14553bed2ff0c430fe14d03b904142.exe
Resource: win7-en-20211208
Malware Config
Extracted
raccoon
1.8.4-hotfixs
Targets
Target: dc14553bed2ff0c430fe14d03b904142.exe
- Suspicious use of NtCreateProcessExOtherParentProcess
- Obfuscated with Agile.Net obfuscator
  Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of SetThreadContext