General
- Target: c483c6d289866c1d6797d7c052bb63502433345c4ed1ddaab597609d339dfb1f
- Size: 5.5MB
- Sample: 220508-tam1xsechj
- MD5: 9082ca2474afe8bb40b5ac9689077cff
- SHA1: 357ff934fbfceb6cf7dbd9b855be94d421b6c63a
- SHA256: c483c6d289866c1d6797d7c052bb63502433345c4ed1ddaab597609d339dfb1f
- SHA512: 9a4f65eb02af3aa3c5a0e9852401528580356f391d57e12ee987c54d74f3c2bbbcceaf421a1b012bd06bd09a695435ea95d58edffa352299969b7f3e10eb32f1
Static task: static1
Behavioral task: behavioral1
- Sample: c483c6d289866c1d6797d7c052bb63502433345c4ed1ddaab597609d339dfb1f.exe
- Resource: win7-20220414-en
Malware Config
Extracted
- raccoon
- d3b72f993a992e6d054d4a843aa3a2b5f7054d03
- url4cnc: https://telete.in/h_c014dzr_1
Targets
- Target: c483c6d289866c1d6797d7c052bb63502433345c4ed1ddaab597609d339dfb1f
- Raccoon Stealer Payload
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Loads dropped DLL
- Suspicious use of SetThreadContext