General
-
Target
https://we.tl/t-5Ausz7WwmF
-
Sample
230131-wbxmvsbc8v
Score
10/10
Static task
static1
URLScan task
urlscan1
Behavioral task
behavioral1
Sample
https://we.tl/t-5Ausz7WwmF
Resource
win10v2004-20221111-es
windows10-2004-x64
18 signatures
300 seconds
Malware Config
Extracted
Family
raccoon
Botnet
4e27b39e9aaa6403f36702b4d66f5024
C2
http://94.142.138.10/
http://94.142.138.9/
rc4.plain
Targets
-
-
Target
https://we.tl/t-5Ausz7WwmF
Score
10/10
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-