General
-
Target
0ca3d2200b8f6aa7c27dee4e21501255458bfd168deed3bcb8c8588e577a252e
-
Size
99KB
-
Sample
221113-vzgqwafb9s
-
MD5
9e2604e94d07b689e1d44ef1f7c6d66e
-
SHA1
0da107b3ab1990f34a6c2ea41c2511eb3a1e7084
-
SHA256
0ca3d2200b8f6aa7c27dee4e21501255458bfd168deed3bcb8c8588e577a252e
-
SHA512
621b9f9b4ab24098e29bf600baffce21a5c61efc918ba8a6dad9de8bd11dfef806712efad0cd9c535b17adb0bbee5dc8e3619094d1576cf0ecc6898ab8e42fb5
-
SSDEEP
1536:hWoMfU1jzwxqdGqIOg1QNGia+df3WqRpngsW2pxPeM+Xtveu2mik2qR+a:aU14qdSC3Td3WCng3OP+X12mZ2qv
Static task
static1
Behavioral task
behavioral1
Sample
0ca3d2200b8f6aa7c27dee4e21501255458bfd168deed3bcb8c8588e577a252e.exe
Resource
win10-20220812-en
Malware Config
Extracted
raccoon
dbffbdbc9786a5c270e6dd2d647e18ea
http://79.137.205.87/
Targets
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-