General
Target
GIMP_Image_Editor.rar
Size
195KB
Sample
230131-z11mlaad95
MD5
170be680f0c5dc9f7e524bba070b1d38
SHA1
a190a277b3568c37c0776ee53d976f78c0cb5f6e
SHA256
fe7a2837d94ab16dbc0d7684c574324259d9e3a7006df49afab1287683f65231
SHA512
d8e085c8f324b7272734fffaa6e614a566177d029de958490ba6e125b6dc94099790d0598cdce87852636069caa585b71cdde4db6fdb93ef979e4d114c47c5ee
SSDEEP
3072:HOzzVRRo5pQCwLCHICV8LVzFYgMt46IhNmCVzaswxCfVveyj:cVRRuiCwLBw85ptthYyzffVveQ
Static task
static1
Behavioral task
behavioral1
Sample
GIMP_Image_Editor.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
GIMP_Image_Editor.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
raccoon
bd2c43e0b868fc0101a29ea7ad50dd38
http://188.34.199.86/
Targets
Target
GIMP_Image_Editor.exe
Size
700.2MB
MD5
6e7818f6c5902684d1ea16df7ee32b9e
SHA1
b541449d13e078a72e8952e0871c47e016f1fde7
SHA256
1a05684f9650eedb9c51a372fcabf5e57f9de114d078fdb8cc944429a07f889b
SHA512
5392d881583b2bd65d22e4db91b296b2211add3daccb5bbd24f288fe1947078ff691e76683cafc47e289003ec369e04932af7b7aecc51fb5fa51042a42fdb9dd
SSDEEP
3072:Wq+Sji9qmSaCTtgEu013CwIWsp3dua+XWmkigRjjaODIGTZqAEsyxvxR+:Rn13ZI9NEW9ig9aODFq6h
Score
10/10
Suspicious use of SetThreadContext