General
Target: FOCVIVH.bin
Size: 3.5MB
Sample: 220928-xs3qwagha7
MD5: 85c27c29bcd669111e83ece79e7e0a62
SHA1: 24cb399e0de0896709242e3e2cc2b0435d5c206e
SHA256: c7d3d775fda24b3244022a1488315c51a55d54e155b8e788583c0d50a4a9f5e9
SHA512: 9d01e2e090c553f3de1a85300f7faa36cee4a4e135ec47854529aaa1fe2fd2e0313b8202dbf875b6cc21e0a1ec46d1c1d379563ad7560470dd0a246c8bae7e99
SSDEEP: 24576:DqkwrOTxquuoM1iHVHv/Rkelbl1RWuetgVR04suAKluiCionxi3tWEvvbwDiqBQd:4uuoBVH7XRWFIDpkdj
Static task: static1
Behavioral task: behavioral1
Sample: FOCVIVH.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: FOCVIVH.exe
Resource: win10v2004-20220812-en
Malware Config
Extracted
raccoon
9b19cf60d9bdf65b8a2495aa965456c3
http://5.2.70.65/
Targets
Target: FOCVIVH.bin
Score: 10/10
Uses the VBS compiler for execution
Suspicious use of SetThreadContext