General
-
Target
c83a43c9645f2716288130f311314b673e66e20084b432ce3b8ce8cdf39782c8
-
Size
23.9MB
-
Sample
220511-24r6qsfahm
-
MD5
5e09313befea3f8ef5567f724ada60fe
-
SHA1
48fab70a85e6da34fa0070163f7ea6ac16fc5d37
-
SHA256
c83a43c9645f2716288130f311314b673e66e20084b432ce3b8ce8cdf39782c8
-
SHA512
9df529de88a8b8c157f7deac7e3998cca8f0dabeebda58f6dbc6ca3c22970897a0b7a51fab3562462b65de8e7830b3437612ab6ae999b90607007d1ba0c20598
Static task
static1
Behavioral task
behavioral1
Sample
c83a43c9645f2716288130f311314b673e66e20084b432ce3b8ce8cdf39782c8.exe
Resource
win7-20220414-en
Malware Config
Extracted
raccoon
c763e433ef51ff4b6c545800e4ba3b3b1a2ea077
-
url4cnc
https://telete.in/jbitchsucks
Targets
-
-
Target
c83a43c9645f2716288130f311314b673e66e20084b432ce3b8ce8cdf39782c8
-
Modifies security service
-
Raccoon Stealer Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-