General
-
Target
b1d5c70027e084f56ece407a741a29ec.bin
-
Size
4.3MB
-
Sample
230130-x552rscb97
-
MD5
98787ad393ea5d568df3d257e57b5e3a
-
SHA1
1574299005d408d0255fb3ae7fc9ac7f4d2f2c43
-
SHA256
88c7068d215d547b3382ca251bfc2f9eb9e27cf7b55d356c153eb93038445ecc
-
SHA512
0b6095dd8538fcb9a6f30c1ae8a32eb39f7b0e9a260085ea31f7df482247ba43dacbe76b53003273f2110eb701167f5db4e2d943982cbf7a53658b5da6daf5af
-
SSDEEP
98304:a+eea1uaEp4WZSDbpg4xkLbkPycb+1CYahSaZROH:a+eXbppxWk6c61B/SOH
Static task
static1
Behavioral task
behavioral1
Sample
filesetup_v17.3.4/filesetup_v17.3.4.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
filesetup_v17.3.4/filesetup_v17.3.4.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
raccoon
058b163252af946c77f376d3f457096b
http://160.119.253.242
Targets
-
-
Target
filesetup_v17.3.4/filesetup_v17.3.4.jpg
-
Size
694.8MB
-
MD5
849969eee450278d949286e3cf2e49fa
-
SHA1
c7aa87546edb8768afae08a3a6f5c30dd1934042
-
SHA256
63bfe18c23479fb787df25a84cb7e54d76528fdea1532b2b034f00b41b7cc923
-
SHA512
fb59a22784d86bc72f285d6d6ebae433de82e16ed0baa5a5dfb35619559f96977d2b6898b4fa7b5cc85ebebfd1c371b686810518ccc6e90c7a835f033bca6651
-
SSDEEP
12288:i1Bb9l5UFIM1mKtWJUSw30mav4C5Go8lA2Qp32zYsALPm1ir/khIjuDepZa2RCjt:i1RxkIM1K1q
Score
10/10
-
Blocklisted process makes network request
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-