General
-
Target
6a397760dd396a44b3a305b1ea4a1c92.bin
-
Size
3.2MB
-
Sample
230130-xdxw3sbf52
-
MD5
b8b71c35afd491e3873ca95c2e74733f
-
SHA1
838a6e883af53a0327fc5b1b24bfbf617b997d71
-
SHA256
02d9ae7d0d0302f182bced1655c9902a9c231ac30a5ece1ebbb635946e86f26b
-
SHA512
b4756f5de8f3443f66001ad2f0bc6e0892d9fb16bd3c2e7caadb661c8e88ce91d031e8b992ff485a86718a07c83c10ce00cf9cdc5cbe42388b86a0c5cfeea95f
-
SSDEEP
98304:RjT9cJf1O+xd/6tKK6SmDozm0xgaZ2umLnb7:R/8fwGwYD8mbaZIT
Static task
static1
Behavioral task
behavioral1
Sample
filesetup_v17.3.4.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
filesetup_v17.3.4.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
raccoon
058b163252af946c77f376d3f457096b
http://160.119.253.242
Targets
-
Target
filesetup_v17.3.4.exe
-
Size
694.8MB
-
MD5
849969eee450278d949286e3cf2e49fa
-
SHA1
c7aa87546edb8768afae08a3a6f5c30dd1934042
-
SHA256
63bfe18c23479fb787df25a84cb7e54d76528fdea1532b2b034f00b41b7cc923
-
SHA512
fb59a22784d86bc72f285d6d6ebae433de82e16ed0baa5a5dfb35619559f96977d2b6898b4fa7b5cc85ebebfd1c371b686810518ccc6e90c7a835f033bca6651
-
SSDEEP
12288:i1Bb9l5UFIM1mKtWJUSw30mav4C5Go8lA2Qp32zYsALPm1ir/khIjuDepZa2RCjt:i1RxkIM1K1q
Score
10/10
-
Blocklisted process makes network request
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-