General
Target: Softiwe Download.exe
Size: 6.2MB
Sample: 221110-xbrmaacef4
MD5: d09f24c0a05c276738452a9603749979
SHA1: 523f40262b733b930eaf21252b895215f4452312
SHA256: 8fb50a574fd1aa8828c17c9aee81ba2b08a435290eca3f2830e5a41d65199b52
SHA512: 883f523cc4b7359e2ed6987448e35af74e2a3643caaf49085d01c429bee5b1dd43ae9e0f3c4a27a61810af7a9195d1b5727d926544f3430ab0ec92bfc0d6617c
SSDEEP: 196608:4n3Wkb2vSZlGX1Kx0bmo9qQ/LerfFh1eU4xQNr:eGZtIx0r9qyebFzeU4xQN
Static task: static1
Behavioral task: behavioral1
  Sample: Softiwe Download.exe
  Resource: win7-20220901-en
Behavioral task: behavioral2
  Sample: Softiwe Download.exe
  Resource: win10v2004-20220812-en
Malware Config
Extracted: raccoon
  d2f643fdb867ca6beffc12549d6afb13
  http://167.235.134.14/
Targets
Target: Softiwe Download.exe
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.