General
-
Target
0B668D0AC89D5DA1526BE831F7B8C3F2AF54C5DBC68C0.exe
-
Size
1.2MB
-
Sample
220128-zxsgtadefp
-
MD5
4bb6c620715fe25e76d4cca1e68bef89
-
SHA1
0cf2a7aad7ad7a804ca2b7ccaea1a6aadd75fb80
-
SHA256
0b668d0ac89d5da1526be831f7b8c3f2af54c5dbc68c0c9ce886183ec518c051
-
SHA512
59203e7c93eda1698f25ee000c7be02d39eee5a0c3f615ae6b540c7a76e6d47265d4354fa38be5206810e6b035b8be1794ebe324c0e9db33360a4f0dd3910549
Static task
static1
Behavioral task
behavioral1
Sample
0B668D0AC89D5DA1526BE831F7B8C3F2AF54C5DBC68C0.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
0B668D0AC89D5DA1526BE831F7B8C3F2AF54C5DBC68C0.exe
Resource
win10-en-20211208
Malware Config
Extracted
raccoon
1.8.3-hotfix
efc20640b4b1564934471e6297b87d8657db774a
-
url4cnc
http://91.219.236.162/jredmankun
http://185.163.47.176/jredmankun
http://193.38.54.238/jredmankun
http://74.119.192.122/jredmankun
http://91.219.236.240/jredmankun
https://t.me/jredmankun
Targets
-
-
Target
0B668D0AC89D5DA1526BE831F7B8C3F2AF54C5DBC68C0.exe
-
suricata: ET MALWARE Win32.Raccoon Stealer Checkin M6
-
Suspicious use of SetThreadContext
-