General
Target: 122562ead436824cf33e2dad217a6bb0852eff2338e9f7753fa9a0c361020c37
Size: 5MB
Sample: 220503-xzrxysafb9
MD5: d2c47c3ee0a9e1bec99cba90f39fb843
SHA1: 4f1c9b979e2de7270b6da85b75c7e37eb3c78648
SHA256: 122562ead436824cf33e2dad217a6bb0852eff2338e9f7753fa9a0c361020c37
SHA512: 494e2722de57ff7ff6cfceb4377cc86640941945c1ad644ccfcb78bcfdd0ce37b5b9f49eb477f605ab8fee8b483b657993211aa6dfa844fa144f2ba1fde5d3ef
Static task: static1
Behavioral task: behavioral1
Sample: 122562ead436824cf33e2dad217a6bb0852eff2338e9f7753fa9a0c361020c37.exe
Resource: win7-20220414-en

Malware Config
Extracted
Family: raccoon
c763e433ef51ff4b6c545800e4ba3b3b1a2ea077
url4cnc: https://telete.in/jbitchsucks
Targets
Target: 122562ead436824cf33e2dad217a6bb0852eff2338e9f7753fa9a0c361020c37
Size: 5MB
MD5: d2c47c3ee0a9e1bec99cba90f39fb843
SHA1: 4f1c9b979e2de7270b6da85b75c7e37eb3c78648
SHA256: 122562ead436824cf33e2dad217a6bb0852eff2338e9f7753fa9a0c361020c37
SHA512: 494e2722de57ff7ff6cfceb4377cc86640941945c1ad644ccfcb78bcfdd0ce37b5b9f49eb477f605ab8fee8b483b657993211aa6dfa844fa144f2ba1fde5d3ef
- Raccoon Stealer Payload
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry. BIOS information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext