General
-
Target
30f8d690fcd9bc1e0020f6b3a916ad71e5b2df3cdb17e02e5a1565b579bf7319
-
Size
518KB
-
Sample
220313-z3y7jsccar
-
MD5
066dd2538407a6ae20996556d4f67d50
-
SHA1
5586f384bb7441a529b4d4d24bb2f50578bf7f2a
-
SHA256
30f8d690fcd9bc1e0020f6b3a916ad71e5b2df3cdb17e02e5a1565b579bf7319
-
SHA512
a0500413cca66e65b5bd37a5ac444223dae2139df43c7797ec259e83825fb5b3041b32d88f460ba5092f9068b95cbf0c49200b6f60103be0ed4a09abb4f85a89
Static task
static1
Behavioral task
behavioral1
Sample
30f8d690fcd9bc1e0020f6b3a916ad71e5b2df3cdb17e02e5a1565b579bf7319.exe
Resource
win10-20220223-en
Malware Config
Extracted
raccoon
ccba3157b9f42051adf38fbb8f5d0aca7f2b7366
-
url4cnc
http://185.163.204.81/nui8xtgen
http://194.180.191.33/nui8xtgen
http://174.138.11.98/nui8xtgen
http://194.180.191.44/nui8xtgen
http://91.219.236.120/nui8xtgen
https://t.me/nui8xtgen
Targets
-
-
Target
30f8d690fcd9bc1e0020f6b3a916ad71e5b2df3cdb17e02e5a1565b579bf7319
-
Size
518KB
-
MD5
066dd2538407a6ae20996556d4f67d50
-
SHA1
5586f384bb7441a529b4d4d24bb2f50578bf7f2a
-
SHA256
30f8d690fcd9bc1e0020f6b3a916ad71e5b2df3cdb17e02e5a1565b579bf7319
-
SHA512
a0500413cca66e65b5bd37a5ac444223dae2139df43c7797ec259e83825fb5b3041b32d88f460ba5092f9068b95cbf0c49200b6f60103be0ed4a09abb4f85a89
-
suricata: ET MALWARE Win32.Raccoon Stealer - Telegram Mirror Checkin (generic)
suricata: ET MALWARE Win32.Raccoon Stealer - Telegram Mirror Checkin (generic)
-
suricata: ET MALWARE Win32.Raccoon Stealer Checkin M6
suricata: ET MALWARE Win32.Raccoon Stealer Checkin M6
-