General
-
Target
2110de2df348890eae61adc38f726c8f5c746cc14c0e5364aec3a3580b72d388
-
Size
1.1MB
-
Sample
220612-lq5xnsffgq
-
MD5
88c26e240d5dc57ee1eb2abdde762afd
-
SHA1
edd18d72536c38cd8c546e679dcd424566ec7429
-
SHA256
2110de2df348890eae61adc38f726c8f5c746cc14c0e5364aec3a3580b72d388
-
SHA512
ab0d167931f57c5eefb3b39bd500705ebe55aaebc73d7817534f011f1d3ad8c05bad32d61da8abf8b08dc2a028a5d30f9a959b93770f0eb89836b7a9bb92b13c
Static task
static1
Behavioral task
behavioral1
Sample
2110de2df348890eae61adc38f726c8f5c746cc14c0e5364aec3a3580b72d388.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
2110de2df348890eae61adc38f726c8f5c746cc14c0e5364aec3a3580b72d388.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
raccoon
231a2bef03530ea1eb31f9ad27af7d488aca1ee8
-
url4cnc
Targets
suricata: ET MALWARE Win32.Raccoon Stealer - Telegram Mirror Checkin (generic)
-
Suspicious use of SetThreadContext
-