Overview

overview

10

Static

static

hbtwo_2022...35.exe

windows7_x64

10

hbtwo_2022...35.exe

windows10-2004_x64

10

Analysis

  • max time kernel
    4294182s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20220310-en
  • submitted
    18-03-2022 16:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    hbtwo_20220318-173935.exe

  • Size

    634KB

  • MD5

    d8c17cfca59134307cc73c50db5e456f

  • SHA1

    331eeaefd6737149776054487d7bb4256201af3d

  • SHA256

    a4de6b05daac0da9e80c020a83350fe787f72fdcd6646fdabc15cda395845231

  • SHA512

    76c6b973607bb017bbc590e75c034c784095ce450eaeaee0e69e42e7e3d963bc63d1fec2be81239be548eb971979c8c8e4d7e50d2d96d2226e18a7f85910e1a8

Score
10/10
raccoon1c0fad6805a0f65d7b597130eb9f089ffbe9857dstealer

Malware Config

Extracted

Family

raccoon

Botnet

1c0fad6805a0f65d7b597130eb9f089ffbe9857d

Attributes
  • url4cnc

    http://194.180.191.241/capibar

    http://103.155.93.35/capibar

    https://t.me/capibar

rc4.plain
rc4.plain

Signatures

  • Raccoon

    Simple but powerful infostealer which was very active in 2019.

    stealerraccoon

Processes

  • C:\Users\Admin\AppData\Local\Temp\hbtwo_20220318-173935.exe
    "C:\Users\Admin\AppData\Local\Temp\hbtwo_20220318-173935.exe"
    1⤵
      PID:1652

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1652-54-0x000000000030F000-0x000000000037B000-memory.dmp
      Filesize

      432KB

      Download
    • memory/1652-55-0x000000000030F000-0x000000000037B000-memory.dmp
      Filesize

      432KB

      Download
    • memory/1652-56-0x00000000005A0000-0x000000000062B000-memory.dmp
      Filesize

      556KB

      Download
    • memory/1652-57-0x0000000000400000-0x000000000052E000-memory.dmp
      Filesize

      1.2MB

      Download
    • memory/1652-58-0x000000000037A000-0x00000000003CA000-memory.dmp
      Filesize

      320KB

      Download
    • memory/1652-59-0x0000000000400000-0x000000000052E000-memory.dmp
      Filesize

      1.2MB

      Download
    • memory/1652-60-0x0000000075CA1000-0x0000000075CA3000-memory.dmp
      Filesize

      8KB

      Download
    • memory/1652-61-0x000000000037A000-0x00000000003CA000-memory.dmp
      Filesize

      320KB

      Download
    • memory/1652-62-0x0000000001D60000-0x0000000001DF2000-memory.dmp
      Filesize

      584KB

      Download
    • memory/1652-63-0x0000000000400000-0x000000000052E000-memory.dmp
      Filesize

      1.2MB

      Download