General
Target: hbtwo_20220318-173935
Size: 634KB
Sample: 220318-t61xnacbgn
MD5: d8c17cfca59134307cc73c50db5e456f
SHA1: 331eeaefd6737149776054487d7bb4256201af3d
SHA256: a4de6b05daac0da9e80c020a83350fe787f72fdcd6646fdabc15cda395845231
SHA512: 76c6b973607bb017bbc590e75c034c784095ce450eaeaee0e69e42e7e3d963bc63d1fec2be81239be548eb971979c8c8e4d7e50d2d96d2226e18a7f85910e1a8
Static task: static1
Behavioral task: behavioral1
Sample: hbtwo_20220318-173935.exe
Resource: win7-20220310-en
Behavioral task: behavioral2
Sample: hbtwo_20220318-173935.exe
Resource: win10v2004-en-20220113
Malware Config
Extracted
raccoon
1c0fad6805a0f65d7b597130eb9f089ffbe9857d
url4cnc
http://194.180.191.241/capibar
http://103.155.93.35/capibar
https://t.me/capibar
Targets
Target: hbtwo_20220318-173935
suricata: ET MALWARE Win32.Raccoon Stealer - Telegram Mirror Checkin (generic)