General
Target: be9c8c945c0574b5f21df0b8166342460b551d17448b85cbb07577b4045e2991
Size: 20MB
Sample: 220508-c5ymgagbam
MD5: 787a4f7e16835b51fb70be27e45eda71
SHA1: e70fe56b79d7f52ad461b4399899c6eef7bb0a43
SHA256: be9c8c945c0574b5f21df0b8166342460b551d17448b85cbb07577b4045e2991
SHA512: 492b40da5897dbf108c3d4bece162d9abc7881c202527c5a915a9dc42e88bdd04b184ed1baf3f293e977c9e69d60458dd12855697e5a6dbd0bb5a544f6e7af8d

Static task: static1
Behavioral task: behavioral1
Sample: be9c8c945c0574b5f21df0b8166342460b551d17448b85cbb07577b4045e2991.exe
Resource: win7-20220414-en

Malware Config
Extracted
Family: raccoon
c763e433ef51ff4b6c545800e4ba3b3b1a2ea077
url4cnc: https://telete.in/jbitchsucks

Targets
Target: be9c8c945c0574b5f21df0b8166342460b551d17448b85cbb07577b4045e2991
Size: 20MB
Signatures:
- Modifies security service
- Raccoon Stealer Payload
- Executes dropped EXE
- Checks computer location settings: looks up the country code configured in the registry, likely a geofence.
- Loads dropped DLL
- Suspicious use of SetThreadContext