General
- Target: 5b8c06b231b7431a0d3db97321c748047057cc48bb0ffe7bb11f32ae18e7c004
- Size: 4.6MB
- Sample: 220907-rjxwdaccc8
- MD5: 4201e4c87fb2718d5445cda0c057797a
- SHA1: d44cda25fe83336a813695ff6c6d0ee02bfb3eda
- SHA256: 5b8c06b231b7431a0d3db97321c748047057cc48bb0ffe7bb11f32ae18e7c004
- SHA512: b472783f002df0d078baf7405f58e010f8cd1615a803cea12b6399347a3989594bc9319d12338324928944b04854340fe8ff1afbbec378e2df853c895011f851
- SSDEEP: 98304:Gn3OlG+FBT+yj000zjrcL/do1DBY2YKuRrfFsIMN:31p+yb6jIL/dQiUuFfmN
Static task: static1
Behavioral task: behavioral1
- Sample: 5b8c06b231b7431a0d3db97321c748047057cc48bb0ffe7bb11f32ae18e7c004.exe
- Resource: win7-20220812-en
Behavioral task: behavioral2
- Sample: 5b8c06b231b7431a0d3db97321c748047057cc48bb0ffe7bb11f32ae18e7c004.exe
- Resource: win10v2004-20220812-en
Malware Config
Extracted: raccoon
8eb14caca01131f5f4ff62ef8a0fcab4
http://77.75.230.25/
http://146.19.170.157/
Targets
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry. BIOS information is often read in order to detect sandboxing environments.
- Suspicious use of NtSetInformationThreadHideFromDebugger