General
- Target: d4e92bc7b11c1d0654bded6b65fb29923ec4dd5e39c76a3c4b0de13622514ac1
- Size: 22MB
- Sample: 220419-ctzemabdf4
- MD5: 33da466df744fad3028059fe760797fc
- SHA1: 39a2d83fb4728e8cd70821149653e6573567d843
- SHA256: d4e92bc7b11c1d0654bded6b65fb29923ec4dd5e39c76a3c4b0de13622514ac1
- SHA512: 45af49db83a877aab76bde6751203b02e7c310924389f56f6fe7f38f41086063f1fff8a5a43ef7a157c4664751c501c909e0d190aefc6e239caa40796d1b5ebd
Static task: static1
Behavioral task: behavioral1
- Sample: d4e92bc7b11c1d0654bded6b65fb29923ec4dd5e39c76a3c4b0de13622514ac1.exe
- Resource: win7-20220414-en
Behavioral task: behavioral2
- Sample: d4e92bc7b11c1d0654bded6b65fb29923ec4dd5e39c76a3c4b0de13622514ac1.exe
- Resource: win10v2004-20220310-en
Malware Config
- Extracted: raccoon
- c763e433ef51ff4b6c545800e4ba3b3b1a2ea077
- url4cnc: https://telete.in/jbitchsucks
Targets
- Target: d4e92bc7b11c1d0654bded6b65fb29923ec4dd5e39c76a3c4b0de13622514ac1
- Modifies security service
- Raccoon Stealer Payload
- ACProtect 1.3x - 1.4x DLL software: detects file using ACProtect software.
- Executes dropped EXE
- Modifies Windows Firewall
- Loads dropped DLL
- Suspicious use of SetThreadContext