General
-
Target
File-Set-Up_PC.exe
-
Size
726.8MB
-
Sample
230131-mjvc2ahf9y
-
MD5
c26f79088276bb0d3d8331bf2a1aa254
-
SHA1
da5820a87543571ca684d1d0a7271143972ae77e
-
SHA256
8413e18f4f81fedd8ff3507d1d5c98124a2ecce21a743e0e5f0ee810bcb88a04
-
SHA512
7c3484e0f43a7ecf6141021fdafaa8aa18a10ce7838da86a1931ee5e8f87227addf8b12a8e3cfb5980358942b7fd6c44d44198471212fc9cd8d5ce62b9b1cda4
-
SSDEEP
196608:GGwDS7B4Xg1IJkXPMo4fZSM+kvV32DpW/b/Cs:GGBV4Xg1IJkf8wkvOsL
Static task
static1
Behavioral task
behavioral1
Sample
File-Set-Up_PC.exe
Resource
win10-20220812-es
Malware Config
Extracted
raccoon
8c3e4aa007fb2f2defacc1f952806f72
http://85.192.40.253/
http://170.75.160.9/
http://79.137.195.240/
Targets
-
-
Target
File-Set-Up_PC.exe
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-