General
-
Target
71273ccf9881c6a687023fa1c40df85278346d3229307aee6cea6e7f6910925e
-
Size
23.9MB
-
Sample
220511-24va4acdc8
-
MD5
6ca4fb6e640d6da6066f5862cc79b09f
-
SHA1
b23f145e90da334b176b4f6a55e948f2cff48a77
-
SHA256
71273ccf9881c6a687023fa1c40df85278346d3229307aee6cea6e7f6910925e
-
SHA512
6d0578e4d44bc4652dddaa5c7a2bc4c02cc9d82832946824222a659898ac486d3dbaa8e25e979d258fd0e722a56e38b5279ef2b50227b73d1aa51a805a9f80eb
Static task
static1
Behavioral task
behavioral1
Sample
71273ccf9881c6a687023fa1c40df85278346d3229307aee6cea6e7f6910925e.exe
Resource
win7-20220414-en
Malware Config
Extracted
raccoon
c763e433ef51ff4b6c545800e4ba3b3b1a2ea077
-
url4cnc
https://telete.in/jbitchsucks
Targets
-
Modifies security service
-
Raccoon Stealer Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-