General
-
Target
https://cdn.discordapp.com/attachments/939583004387471483/952319283906617374/GIFT_VOUCHER.zip
-
Sample
220511-anz3vseafq
Static task
static1
URLScan task
urlscan1
Behavioral task
behavioral1
Sample
https://cdn.discordapp.com/attachments/939583004387471483/952319283906617374/GIFT_VOUCHER.zip
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
https://cdn.discordapp.com/attachments/939583004387471483/952319283906617374/GIFT_VOUCHER.zip
Resource
win10v2004-20220414-en
Malware Config
Extracted
raccoon
7994c54742ba2370446cc758f5e797d4fefc8347
-
url4cnc
http://85.159.212.113/darnerd00m
http://185.163.204.81/darnerd00m
http://194.180.191.33/darnerd00m
http://174.138.11.98/darnerd00m
http://194.180.191.44/darnerd00m
http://91.219.236.120/darnerd00m
https://t.me/darnerd00m
Targets
-
-
Target
https://cdn.discordapp.com/attachments/939583004387471483/952319283906617374/GIFT_VOUCHER.zip
-
Executes dropped EXE
-
Suspicious use of SetThreadContext
-