General
-
Target
84f7ae051ae10d5d7dd0d6367e2ad0f037fc69a551db1bce54b6725ae5149fa8
-
Size
287KB
-
Sample
220911-zs4dhscbg2
-
MD5
3bb1d652dba7e11d1809b88564128fc9
-
SHA1
f3dedf469d604ec373f2cdc58c812447f653d7d5
-
SHA256
84f7ae051ae10d5d7dd0d6367e2ad0f037fc69a551db1bce54b6725ae5149fa8
-
SHA512
953c8762c5cd897d90a75504be7c6910e95c739dacedc64e318a44277a47f482f525cb4148723e4de790d36d9ee894e32b7c3bb214e73a36948b30b1b12b1bcb
-
SSDEEP
6144:lUmtjhfqBFXABT9KDczKDwh4M/nzfZFgPGbis:ltED+IDczKDwh4M/bt
Static task
static1
Behavioral task
behavioral1
Sample
84f7ae051ae10d5d7dd0d6367e2ad0f037fc69a551db1bce54b6725ae5149fa8.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
raccoon
567d5bff28c2a18132d2f88511f07435
http://116.203.167.5/
http://195.201.248.58/
Targets
-
-
Target
84f7ae051ae10d5d7dd0d6367e2ad0f037fc69a551db1bce54b6725ae5149fa8
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-