General
Target: hbtwo_20220310-104545
Size: 627KB
Sample: 220310-m4llmahgcl
MD5: 503cb3a027cd593a651b07f3b5206221
SHA1: 1cbf8ca9d7179e4cd75c086b7629cbd1a7e09cd3
SHA256: fd27b423af903ced7fb330011ba124b59b60cbdbc64b533132a22ecf983a437d
SHA512: f5956bfb0d88c86d8e312d9a8affc04f194c093329c1f3a0450ef233787b8225342416062a96d0f8133e3fc0ff452a44ebd07c981b324c133881d89ec0baf23f
Static task: static1
Behavioral task: behavioral1
Sample: hbtwo_20220310-104545.exe
Resource: win7-20220223-en
Behavioral task: behavioral2
Sample: hbtwo_20220310-104545.exe
Resource: win10v2004-en-20220113
Malware Config
Extracted
raccoon
1c0fad6805a0f65d7b597130eb9f089ffbe9857d
url4cnc:
http://194.180.191.241/capibar
http://103.155.93.35/capibar
https://t.me/capibar
Targets
Target: hbtwo_20220310-104545
Size: 627KB
MD5: 503cb3a027cd593a651b07f3b5206221
SHA1: 1cbf8ca9d7179e4cd75c086b7629cbd1a7e09cd3
SHA256: fd27b423af903ced7fb330011ba124b59b60cbdbc64b533132a22ecf983a437d
SHA512: f5956bfb0d88c86d8e312d9a8affc04f194c093329c1f3a0450ef233787b8225342416062a96d0f8133e3fc0ff452a44ebd07c981b324c133881d89ec0baf23f
suricata: ET MALWARE Win32.Raccoon Stealer - Telegram Mirror Checkin (generic)
suricata: ET MALWARE Win32.Raccoon Stealer Checkin M6