General
Target: file.exe
Size: 676KB
Sample: 230129-z8fmdseg3t
MD5: 86f5fc4c4e892540dd55816b592e6acc
SHA1: 72ddfd7b2be3c8c0f8ef61024c815f6bf9c89291
SHA256: 0c346b8657a834a536575fb82a6b9ee37c738547fb2e4de821917d9131ec3fe2
SHA512: 9f6b15b2aee343bc92b38a91ada6758363f10638f3447ce945fbb8422a85297542d5453aa2ba51264a257eaa13eb28665b2e17ae8735b59fd08be67a979d11aa
SSDEEP: 12288:28BR8ZROp7Z9Go5k25A0qkVUtNB22/+qaSaLMJfTE6EpcK:2e4o7G0k2bVUtNB523rSTE6Yj
Static task: static1
Behavioral task: behavioral1
Sample: file.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: file.exe
Resource: win10v2004-20221111-en
Malware Config
Extracted
raccoon
04f8fa0bf52b1b98a127f6deeac54f84
http://94.131.3.70/
http://83.217.11.11/
http://83.217.11.13/
http://83.217.11.14/
http://45.15.156.222/
Targets
Downloads MZ/PE file
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Suspicious use of SetThreadContext