General
Target: fce7f27c7e2b58c267207aaf13c3a115f34487fd551aced03f85e2977c0932c5
Size: 294KB
Sample: 221013-b6tjgaadbl
MD5: 16e8f1670668384884715f4efbbbebd1
SHA1: 3f8bc0ef848ecebf1f6c24c47fcf8d225de20b60
SHA256: fce7f27c7e2b58c267207aaf13c3a115f34487fd551aced03f85e2977c0932c5
SHA512: 72d25a5ebef7353fa7f9f62e4d58dfbaa9e248e0a6e035dd1455e174c7be0a79692d30e3a81d01ea80c4271aa77052ee83a032f46843285f02f95cf27f761b41
SSDEEP: 3072:JOC+EnCeqk1oPh1MZf8EQ1DyWgi/ysf0eC:EYN9oJ1MZ0JGW5rfs
Static task: static1
Behavioral task: behavioral1
Sample: fce7f27c7e2b58c267207aaf13c3a115f34487fd551aced03f85e2977c0932c5.exe
Resource: win7-20220901-en
Malware Config
Extracted
raccoon
d6584fcd1734d77c0004e30a172dc0e0
http://84.32.188.111/
http://5.252.21.28/
http://87.120.254.71
Extracted
colibri
1.2.0
Build1
http://zpltcmgodhvvedxtfcygvbgjkvgvcguygytfigj.cc/gate.php
http://yugyuvyugguitgyuigtfyutdtoghghbbgyv.cx/gate.php
Targets
Executes dropped EXE
Suspicious use of SetThreadContext