General
Target: 783113387c8c4f2c14aa72e46f541a56.exe
Size: 288KB
Sample: 220911-zpvl7scbf2
MD5: 783113387c8c4f2c14aa72e46f541a56
SHA1: abbbbcda4f84351cb20486d58f49f8c4ab903828
SHA256: 3dd554251ff82ea8e869a7b847623ea9faccbd9b99729ae298b2b76689641f41
SHA512: eaefbbd654b86678f9db9eec5585176b89039e6dfb3eee10f2646b57633c6661ff813cc63c4c7591388a0f187a3d920c21d7b5500e86149e206ff30674c3cff3
SSDEEP: 6144:/qWZLRWNwwTb0S98Cca+jGJHd3tXWMPXUvb0M7I:/zL2frOCca+jGJHd3go
Static task
static1
Behavioral task
behavioral1
Sample
783113387c8c4f2c14aa72e46f541a56.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
783113387c8c4f2c14aa72e46f541a56.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
raccoon
567d5bff28c2a18132d2f88511f07435
http://116.203.167.5/
http://195.201.248.58/
Targets
Target
783113387c8c4f2c14aa72e46f541a56.exe
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-