General
-
Target
3d6274e2af3615d5f62ee80f01a51a2e263a30b73bd83a3031eb7e76761c3dae
-
Size
6.1MB
-
Sample
220503-xyk31safa2
-
MD5
bfa9f46f5679d14bfa7248345a0b8a97
-
SHA1
8a5fddc5b1273601896a2501e25de1fa537a50d9
-
SHA256
3d6274e2af3615d5f62ee80f01a51a2e263a30b73bd83a3031eb7e76761c3dae
-
SHA512
29022d8496b39840e4d00d9be5f57e73c1989f1f9a5cd0d8ca0f814267ef3de1a7fcc83b60fa973ff233e78ed1abe2bdd17376bca658483054ff4eedf0abffa3
Static task
static1
Behavioral task
behavioral1
Sample
3d6274e2af3615d5f62ee80f01a51a2e263a30b73bd83a3031eb7e76761c3dae.exe
Resource
win7-20220414-en
Malware Config
Extracted
raccoon
c763e433ef51ff4b6c545800e4ba3b3b1a2ea077
-
url4cnc
https://telete.in/jbitchsucks
Targets
-
Target
3d6274e2af3615d5f62ee80f01a51a2e263a30b73bd83a3031eb7e76761c3dae
-
Size
6.1MB
-
MD5
bfa9f46f5679d14bfa7248345a0b8a97
-
SHA1
8a5fddc5b1273601896a2501e25de1fa537a50d9
-
SHA256
3d6274e2af3615d5f62ee80f01a51a2e263a30b73bd83a3031eb7e76761c3dae
-
SHA512
29022d8496b39840e4d00d9be5f57e73c1989f1f9a5cd0d8ca0f814267ef3de1a7fcc83b60fa973ff233e78ed1abe2bdd17376bca658483054ff4eedf0abffa3
-
Raccoon Stealer Payload
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-
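The three behavioural signatures above (VirtualBox ACPI keys, BIOS information in the registry, and a DLL loaded from a path the process itself wrote) are what a sandbox derives from a process's API trace. The following is an added example, not code from the original report or from the sandbox's own detection engine: a small matcher that runs the same three rules over a constructed list of API events. The event dictionary layout, the PIDs, file paths and the helper.dll name are assumptions made for the example; the registry locations are the well-known ones VirtualBox guests expose (HARDWARE\ACPI\{DSDT,FADT,RSDT}\VBOX__) and the standard BIOS keys under HARDWARE\DESCRIPTION\System that anti-VM code compares against strings such as "VBOX" or "VirtualBox". The SetThreadContext signature is not modelled here because it is a bare API-usage hit with no correlation logic.

```python
"""Toy behavioural-signature matcher for sandbox API-event logs.

Added example, not part of the original report or of the sandbox's own
detection engine. The event format and the sample events are constructed.
"""
import re
from typing import Iterable

# Registry locations that VirtualBox guests expose. The ACPI table keys carry
# the OEM ID "VBOX__"; the BIOS keys are generic, but reading them is how
# anti-VM code fetches the strings it compares against "VBOX"/"VirtualBox".
VBOX_ACPI_RE = re.compile(r"HARDWARE\\ACPI\\(DSDT|FADT|RSDT)\\VBOX__", re.I)
BIOS_KEYS_RE = re.compile(r"HARDWARE\\DESCRIPTION\\System(\\BIOS)?$", re.I)

REGISTRY_APIS = {"RegOpenKeyExW", "RegQueryValueExW"}
LOAD_APIS = {"LoadLibraryW", "LoadLibraryExW", "LdrLoadDll"}


def match_signatures(events: Iterable[dict]) -> dict:
    """Return {signature_name: [indices of the events that fired it]}.

    Each event is a dict with "pid" (int), "api" (str) and "path" (str);
    registry query events may also carry "value" (the value name read).
    """
    hits: dict = {}
    dropped: dict = {}  # pid -> set of lower-cased file paths it wrote

    def fire(name: str, idx: int) -> None:
        hits.setdefault(name, []).append(idx)

    for idx, ev in enumerate(events):
        api, path = ev["api"], ev.get("path", "")
        lower = path.lower()
        if api in REGISTRY_APIS:
            if VBOX_ACPI_RE.search(path):
                fire("Identifies VirtualBox via ACPI registry values", idx)
            if BIOS_KEYS_RE.search(path):
                fire("Checks BIOS information in registry", idx)
        elif api == "NtWriteFile":
            # Remember every file the process writes so a later image load
            # of the same path can be attributed to a dropped DLL.
            dropped.setdefault(ev["pid"], set()).add(lower)
        elif api in LOAD_APIS:
            if lower.endswith(".dll") and lower in dropped.get(ev["pid"], ()):
                fire("Loads dropped DLL", idx)
    return hits


# Constructed trace (not taken from the report): one process fingerprints the
# host, writes a DLL and loads it; a second process only touches a Run key.
SAMPLE_EVENTS = [
    {"pid": 1234, "api": "RegOpenKeyExW",
     "path": r"HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__"},
    {"pid": 1234, "api": "RegQueryValueExW",
     "path": r"HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System",
     "value": "SystemBiosVersion"},
    {"pid": 1234, "api": "RegQueryValueExW",
     "path": r"HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\BIOS",
     "value": "SystemManufacturer"},
    {"pid": 1234, "api": "NtWriteFile",
     "path": r"C:\Users\Admin\AppData\Local\Temp\helper.dll"},
    {"pid": 1234, "api": "LoadLibraryW",
     "path": r"C:\Users\Admin\AppData\Local\Temp\helper.dll"},
    {"pid": 1234, "api": "LoadLibraryW",
     "path": r"C:\Windows\System32\kernel32.dll"},
    {"pid": 5678, "api": "RegOpenKeyExW",
     "path": r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"},
]

if __name__ == "__main__":
    for name, idxs in match_signatures(SAMPLE_EVENTS).items():
        print(f"{name}: events {idxs}")
```

The dropped-DLL rule is deliberately per-PID and order-dependent: a load of kernel32.dll from System32 does not fire because the process never wrote that path, and a write after the load would not fire either. Real sandboxes additionally normalise paths (8.3 names, symlinked user profiles) before comparing them, which this example omits.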