General
Target: 4cb40a5915b998c9c70b71e6b54de912.exe
Size: 725KB
Sample: 220224-jhj9wsccc7
MD5: 4cb40a5915b998c9c70b71e6b54de912
SHA1: 15bfedc171add539bcbb2ecf4a1fd9eef1fd97f9
SHA256: bcba37ea39dbe60b1dd38557aaccf5aca3d6e2d754fa6e6d81e07e18ff3d7e58
SHA512: 945b1de67d1cc6adb9bbbf1b08d8163c1cbb19f6878242def90aa08354503d98c96e7b53218ef4c1024c1315c3361be59830cbc88308b4ea088d1efe3755ebad
Static task: static1
Behavioral task: behavioral1
Sample: 4cb40a5915b998c9c70b71e6b54de912.exe
Resource: win7-20220223-en
Behavioral task: behavioral2
Sample: 4cb40a5915b998c9c70b71e6b54de912.exe
Resource: win10v2004-en-20220112
Malware Config
Extracted
raccoon
1c0fad6805a0f65d7b597130eb9f089ffbe9857d
url4cnc
http://194.180.191.241/capibar
http://103.155.93.35/capibar
https://t.me/capibar
Targets
Target: 4cb40a5915b998c9c70b71e6b54de912.exe
Suspicious use of NtCreateProcessExOtherParentProcess
Suspicious use of SetThreadContext