General

Target: Softiwe_Download.rar
Size: 6.2MB
Sample: 221110-vfsn2addfr
MD5:
9c4cb4328e1059cd2d304c51cf30d13c
SHA1:
fdfa445f23c791606625d6d49e4a0fc42c42f3ba
SHA256:
8aa57051e2d9b8d7398e47b5cdabd32df0b28696a32d1d44a8bb6b463b1f3ddb
SHA512:
d54d6b09f0bb9ff8af6a260663410a305225b731926bfb9aa6d3b7592866a97d50c52cb784d72a4ca3c042c8faa3d7539466dec3704ea0ee49c94ec7d5be83f5
SSDEEP:
98304:WbCO8lrOEEBDp29pPXtrkemFgHu16bPjfBVxRwJKtyW8jmtBWSCYuNLJRB:SjtjQ9B9rMOhbfBgfjmtEDh

Static task: static1

Behavioral task: behavioral1
Sample: Softiwe Download/Softiwe Download.exe
Resource: win7-20220812-en

Behavioral task: behavioral2
Sample: Softiwe Download/Softiwe Download.exe
Resource: win10v2004-20220901-en

Malware Config
Extracted: raccoon
d2f643fdb867ca6beffc12549d6afb13
http://167.235.134.14/

Targets

Target: Softiwe Download/Softiwe Download.exe
Size: 6.2MB
MD5:
d09f24c0a05c276738452a9603749979
SHA1:
523f40262b733b930eaf21252b895215f4452312
SHA256:
8fb50a574fd1aa8828c17c9aee81ba2b08a435290eca3f2830e5a41d65199b52
SHA512:
883f523cc4b7359e2ed6987448e35af74e2a3643caaf49085d01c429bee5b1dd43ae9e0f3c4a27a61810af7a9195d1b5727d926544f3430ab0ec92bfc0d6617c
SSDEEP:
196608:4n3Wkb2vSZlGX1Kx0bmo9qQ/LerfFh1eU4xQNr:eGZtIx0r9qyebFzeU4xQN

- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.