General

Target: 181441a56d399865f7008ab0f9298b37.exe
Size: 2.0MB
Sample: 220308-xlxahsdegl
MD5: 181441a56d399865f7008ab0f9298b37
SHA1: d7a1d18e3f145330996e061006b960e8b037652d
SHA256: 3aeac188be8cb282af08c47fa9949c108fb33a99196ab6864947c77731bccb4c
SHA512: dcf83f1db37ddfc25cf66b72f5fc29288ef8da1e4420ea6bbd1fbc24b1b96db0d42fec657e8981206fc34c75713bf604435a435dde006004d3cd785586c34f85
Static task: static1

Behavioral task: behavioral1
Sample: 181441a56d399865f7008ab0f9298b37.exe
Resource: win7-20220223-en

Behavioral task: behavioral2
Sample: 181441a56d399865f7008ab0f9298b37.exe
Resource: win10v2004-en-20220113
Malware Config

Extracted family: raccoon
1c0fad6805a0f65d7b597130eb9f089ffbe9857d (40-hex value shown by the report without a field name)
url4cnc (the Telegram channel and HTTP mirrors that Raccoon queries at start-up to obtain its actual C2 address; the Suricata alert under Targets corresponds to this check-in):
http://194.180.191.241/capibar
http://103.155.93.35/capibar
https://t.me/capibar
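As an added example (not part of the sandbox report and not the sandbox's own tooling), the following Python turns the url4cnc list above into indicators and runs them over proxy log lines. The log format and the log lines are constructed for this example; the point is the handling of the shared t.me host, which is matched only on the channel path so that ordinary Telegram traffic is not flagged, while the raw-IP mirrors are matched on the host alone. Treating telegram.me the same way as t.me is an assumption of the example.

```python
"""Derive IoCs from a Raccoon url4cnc list and match them against HTTP/proxy logs.

Added example, not taken from the sandbox report. The log format below is
constructed ('<ts> <client> <method> <url> <status>'); adapt parse_log_line()
to whatever your proxy actually emits.
"""
from urllib.parse import urlparse

# url4cnc entries as extracted in the report above.
URL4CNC = [
    "http://194.180.191.241/capibar",
    "http://103.155.93.35/capibar",
    "https://t.me/capibar",
]

# Legitimate shared services: match only on the channel path, never on the
# host alone, or every Telegram page view in the estate becomes an alert.
# Assumption of this example: telegram.me is treated like t.me.
SHARED_HOSTS = {"t.me", "telegram.me"}


def build_iocs(urls):
    """Split url4cnc into host-level IoCs (IP mirrors, dedicated domains)
    and path-level IoCs on shared hosts such as t.me."""
    host_iocs, channel_iocs = set(), set()
    for u in urls:
        p = urlparse(u)
        host = (p.hostname or "").lower()
        if not host:
            continue
        if host in SHARED_HOSTS:
            channel_iocs.add(p.path.rstrip("/").lower())
        else:
            host_iocs.add(host)
    return host_iocs, channel_iocs


def parse_log_line(line):
    """Parse one constructed log line; returns None for malformed input."""
    parts = line.split()
    if len(parts) < 5:
        return None
    ts, client, method, url, status = parts[:5]
    return {"ts": ts, "client": client, "method": method, "url": url, "status": status}


def match_line(rec, host_iocs, channel_iocs):
    """Return a reason string if the record hits an IoC, else None."""
    p = urlparse(rec["url"])
    host = (p.hostname or "").lower()
    if host in host_iocs:
        return f"c2-mirror host {host}"
    if host in SHARED_HOSTS and p.path.rstrip("/").lower() in channel_iocs:
        return f"telegram channel {p.path}"
    return None


def scan(lines, urls=URL4CNC):
    """Return (ts, client, url, reason) for every log line that hits an IoC."""
    host_iocs, channel_iocs = build_iocs(urls)
    hits = []
    for line in lines:
        rec = parse_log_line(line)
        if rec is None:
            continue
        reason = match_line(rec, host_iocs, channel_iocs)
        if reason:
            hits.append((rec["ts"], rec["client"], rec["url"], reason))
    return hits


# Constructed sample log lines (not from the report). The last three lines
# must not fire: a different Telegram channel, an unrelated host reusing the
# path, and a malformed record.
SAMPLE_LOG = """\
2022-03-08T12:00:01Z 10.1.2.3 GET https://t.me/capibar 200
2022-03-08T12:00:02Z 10.1.2.3 GET http://194.180.191.241/capibar 200
2022-03-08T12:00:03Z 10.1.2.3 GET http://103.155.93.35/capibar?x=1 200
2022-03-08T12:00:04Z 10.1.2.9 GET https://t.me/some_news_channel 200
2022-03-08T12:00:05Z 10.1.2.9 GET https://example.com/capibar 404
malformed line
""".splitlines()

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(*hit)
```

Matching the IP mirrors on host rather than full URL is deliberate: a query string or a changed path on the same mirror is still the same infrastructure, whereas the t.me host is only interesting when the channel name matches the extracted config.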
Targets

Target: 181441a56d399865f7008ab0f9298b37.exe
Size: 2.0MB
MD5: 181441a56d399865f7008ab0f9298b37
SHA1: d7a1d18e3f145330996e061006b960e8b037652d
SHA256: 3aeac188be8cb282af08c47fa9949c108fb33a99196ab6864947c77731bccb4c
SHA512: dcf83f1db37ddfc25cf66b72f5fc29288ef8da1e4420ea6bbd1fbc24b1b96db0d42fec657e8981206fc34c75713bf604435a435dde006004d3cd785586c34f85
suricata: ET MALWARE Win32.Raccoon Stealer - Telegram Mirror Checkin (generic)
Suspicious use of NtSetInformationThreadHideFromDebugger (NtSetInformationThread with the ThreadHideFromDebugger class stops the calling thread from delivering debug events, a common anti-analysis technique; expect it to also interfere with debugger-based triage of the sample)