General
-
Target
77860ceeea9d024405a1ceb41a347159a49c9dcf480bcf7fb1272eda405e52b6
-
Size
1.3MB
-
Sample
221115-17gczaca9t
-
MD5
e183a2b4a47cd6e1e922b987450216f8
-
SHA1
81af106bc20dbff1c3892a88134f52d0a10f5159
-
SHA256
77860ceeea9d024405a1ceb41a347159a49c9dcf480bcf7fb1272eda405e52b6
-
SHA512
d2220161f3f5ad91729cc075dae7ad0956b04eb4013d47c50a3ff6ca2c2ef5bf2c2f9ff380c7f952c39480d3c667ac3c1f8f3269515d51fc5e589a07f496f0a7
-
SSDEEP
24576:qRx5NbwcVMH76k9dwyCSXkWEjvp/MMbEwDLpRFm0m/WOlwAydyKJb0D:qRxYPYSXFEjx0CbDLpR4TuGIbJ
Static task
static1
Behavioral task
behavioral1
Sample
77860ceeea9d024405a1ceb41a347159a49c9dcf480bcf7fb1272eda405e52b6.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
77860ceeea9d024405a1ceb41a347159a49c9dcf480bcf7fb1272eda405e52b6.exe
Resource
win10-20220901-en
Malware Config
Extracted
raccoon
dbffbdbc9786a5c270e6dd2d647e18ea
http://79.137.205.87/
Targets
-
Target
77860ceeea9d024405a1ceb41a347159a49c9dcf480bcf7fb1272eda405e52b6
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-