General

Target: SetupFile_06546598566565566520230130001832.zip
Size: 97.1MB
Sample: 230130-psv22aca41
MD5: 48c06193387d609f5bf0ef8113616194
SHA1: bd3e609ad259704eeaa564cfd5ecbc01ed249086
SHA256: ff7ce6bb4da1301b4a05577a8ca5e901d8469371686e273316362a3f50b4980f
SHA512: bf31809de748628899cc1e63505a1270d0172503fd19b91030ef3e29fc0ed2ea10ec245cfefb3f103565d80624fe19502d67fcfd8c5980022d722dffde78f172
SSDEEP: 1572864:8vIfNLh1l4T0BbfJCDe3Y2F6W3E+EibZt2KRzk973Kt9jNRhwY/ZygpW7m9RRRyg:F/l4T05Jn3db3citfkG9jNPsg8mL

Static task: static1

Behavioral task: behavioral1
Sample: SetupFile.exe
Resource: win7-20220812-en

Behavioral task: behavioral2
Sample: SetupFile.exe
Resource: win10-20220901-en

Behavioral task: behavioral3
Sample: SetupFile.exe
Resource: win10v2004-20221111-en

Malware Config
Extracted
raccoon
4859a564051819b0e0da9c36d0cc3ca2
http://94.142.138.3/

Targets

Target: SetupFile.exe
Size: 762.9MB
MD5: 6ee8aef895a4a94d745ad2d1464e316c
SHA1: cf6ae8cb821267875a5b7224e13a1ea3b43d87bb
SHA256: 76f4b9e74057d1a8d59934479a69c601833f3e7151f70f576924a70228451c7c
SHA512: 97c7d9fa7e64f487d29704a57dd9bfe2f4478a709ddf5e1eae412148250f2755436a0104fc9ea76d6f6d7dd02fd2c7d19e4693cde35f98b7727a471142eb8b55
SSDEEP: 98304:tfE8eSY+aKtQGU+dbeIhDDL1l1eEdW+xy/UNRc9X6UI4lXq81rwQIaVMPauQPKCx:tfEhj+3U+x9Xl13W8ysNRc9r/pqUx

Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Suspicious use of SetThreadContext