General
-
Target
06DCC8EC05A3EC53B0066CE702D40993F9862644A37DD.exe
-
Size
1.6MB
-
Sample
220206-kfcbyahabm
-
MD5
dc0ad30780b013edc6d44f42873cca6f
-
SHA1
7bc36922bb282fb37ae76ca0ab584937a32555b4
-
SHA256
06dcc8ec05a3ec53b0066ce702d40993f9862644a37ddce050e03b23ba65a746
-
SHA512
4672fe9cdfe00cff01bedea476b0d4405f443418d78dc3f4dfb5bd469f7124d89e9ba2647ca48f48622a7040d1cc449e43905b575d497d4663a80053f5c49523
Static task
static1
Behavioral task
behavioral1
Sample
06DCC8EC05A3EC53B0066CE702D40993F9862644A37DD.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
06DCC8EC05A3EC53B0066CE702D40993F9862644A37DD.exe
Resource
win10v2004-en-20220112
Malware Config
Extracted
raccoon
1.8.3-hotfix
efc20640b4b1564934471e6297b87d8657db774a
-
url4cnc
http://91.219.236.162/jredmankun
http://185.163.47.176/jredmankun
http://193.38.54.238/jredmankun
http://74.119.192.122/jredmankun
http://91.219.236.240/jredmankun
https://t.me/jredmankun
Targets
-
-
Target
06DCC8EC05A3EC53B0066CE702D40993F9862644A37DD.exe
-
Size
1.6MB
-
MD5
dc0ad30780b013edc6d44f42873cca6f
-
SHA1
7bc36922bb282fb37ae76ca0ab584937a32555b4
-
SHA256
06dcc8ec05a3ec53b0066ce702d40993f9862644a37ddce050e03b23ba65a746
-
SHA512
4672fe9cdfe00cff01bedea476b0d4405f443418d78dc3f4dfb5bd469f7124d89e9ba2647ca48f48622a7040d1cc449e43905b575d497d4663a80053f5c49523
-
.NET Reactor proctector
Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.
-
Suspicious use of SetThreadContext
-