General
Target: Complete_Setup_Downloaded.zip
Size: 6.4MB
Sample: 230209-g7kwlsfh89
MD5: 165bffcb2236b7cac6fe68b80fd32d72
SHA1: b74ea327c96e628b3a18c5598b43f18bdad4ee05
SHA256: 7947fd2dcbc253e8b473b613522a5780000d20169c1262281ea5b5563051fdfc
SHA512: 181971dbfd75f4978abf86dd15c9fdcc0f1a953afbfd94e46e5a9f6584a152b50e2a668a798f28b4ff9e79dc6846e97d7913274264454c65c4951abf794ade5b
SSDEEP: 98304:O8VyqABtr3P/priBJeFD2Kc9JSgKuSvMRSR43fyvkW6z4ju07l7HBYS:oFBd3PFiGl2PnSXuS3cfyN/juoNBp
Static task: static1
Behavioral task: behavioral1
  Sample: Setup.exe
  Resource: win10-20220812-en
Malware Config
Extracted
Family: raccoon
599808851ef410d49f93180efd636851
C2:
http://94.131.3.70/
http://83.217.11.11/
http://83.217.11.13/
http://83.217.11.14/
http://45.15.156.222/

These URLs are the command-and-control addresses hardcoded into this build at the time of analysis. Treat them as indicators for blocking and retrospective hunting, and do not browse them from an analyst workstation.
Targets

Target: Setup.exe
Size: 471.6MB
MD5: 7bedf8f8d9ba0b08c0e94ee702901c60
SHA1: ddf9f0144414a25b54e22a25a745b9b382f6cb79
SHA256: 61a46d25f7a94e8d145570c95e2c6482728c7ddadc51102f453742282937851a
SHA512: 26169f8917f605c95fc6d127cda8af6114b938b4291b8d29896f304c01033b156a2a01256bc9561e410fb982164be5b9161870d1272d3f2260ee383e94359bde
SSDEEP: 98304:DAZ5L7t/p5iBFKJj2ia1JsEWQefQ3Et4lxQR+m8DYtM21etH:8Z97tLiK12BvstQeVsxQP3tMk8

Note: a 471.6MB executable that ships inside a 6.4MB archive is almost entirely compressible filler. Padding a binary to several hundred megabytes is a common way to exceed the file-size limits of antivirus scanners and online sandboxes; strip the padding (or carve the PE) before submitting it elsewhere, and do not read the inflated size as a sign of legitimate content.
Identifies VirtualBox via ACPI registry values (likely anti-VM)
VirtualBox reports "VBOX" as its ACPI OEM ID, so a guest's registry contains HKLM\HARDWARE\ACPI\DSDT\VBOX__ (with matching FADT and RSDT subkeys). Probing for these keys is a well-known VirtualBox fingerprint.

Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments: values such as SystemBiosVersion and VideoBiosVersion under HKLM\HARDWARE\DESCRIPTION\System carry the hypervisor vendor's strings (VBOX, VMware, QEMU, BOCHS) inside a virtual machine.

Suspicious use of NtSetInformationThreadHideFromDebugger
Calling NtSetInformationThread with the ThreadHideFromDebugger information class (0x11) stops the kernel from delivering that thread's debug events to an attached debugger, so breakpoints and single-stepping in it silently fail. Legitimate applications rarely need this; it is a standard anti-debugging measure.

All three are anti-analysis checks that run before the stealer's own logic, so a behavioural run in an unhardened VM may terminate early or show only part of the sample's activity.
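The three indicators above can be re-derived from a sandbox's API-monitor log. The following is an added example, not the sandbox's own detection code and not anything taken from the sample: it parses a constructed trace in an assumed "Api(arg, arg, ...)" line format (SAMPLE_TRACE is made up for illustration) and flags the VirtualBox ACPI key probes, the BIOS value reads and the ThreadHideFromDebugger call, while leaving ordinary registry activity unflagged.

```python
"""Re-derive the report's three behavioural indicators from an API trace.

Added example; it is neither the sandbox's detection code nor anything from
the sample. The trace line shape ("Api(arg, arg, ...)") and SAMPLE_TRACE are
constructed stand-ins for a sandbox API-monitor log, so they are assumptions.
"""
import re

# VirtualBox reports "VBOX" as its ACPI OEM ID, so a guest's registry carries
# HKLM\HARDWARE\ACPI\{DSDT,FADT,RSDT}\VBOX__ subkeys; probing them is the
# classic VirtualBox check behind the first indicator.
ACPI_VBOX_KEY = re.compile(
    r"HKLM\\HARDWARE\\ACPI\\(?:DSDT|FADT|RSDT)\\VBOX__", re.IGNORECASE)

# Firmware strings that carry the hypervisor vendor name inside a VM.
BIOS_KEY = r"HKLM\HARDWARE\DESCRIPTION\System".lower()
BIOS_VALUES = {"systembiosversion", "videobiosversion", "systembiosdate"}

# ThreadInformationClass value for ThreadHideFromDebugger.
THREAD_HIDE_FROM_DEBUGGER = 0x11

KEY_OPEN_APIS = {"RegOpenKeyExA", "RegOpenKeyExW", "NtOpenKey", "NtOpenKeyEx"}
VALUE_QUERY_APIS = {"RegQueryValueExA", "RegQueryValueExW", "NtQueryValueKey"}

CALL_RE = re.compile(r"^(?P<api>\w+)\((?P<args>.*)\)\s*$")

IND_VBOX_ACPI = "Identifies VirtualBox via ACPI registry values (likely anti-VM)"
IND_BIOS = "Checks BIOS information in registry"
IND_HIDE_THREAD = "Suspicious use of NtSetInformationThreadHideFromDebugger"


def parse_call(line):
    """Split 'Api(a, "b", c)' into ('Api', ['a', 'b', 'c']); None if not a call."""
    m = CALL_RE.match(line.strip())
    if not m:
        return None
    raw = m.group("args")
    args = [a.strip().strip('"') for a in raw.split(",")] if raw.strip() else []
    return m.group("api"), args


def _as_int(token):
    """Parse a decimal or 0x-prefixed hex argument; None if it is symbolic."""
    try:
        return int(token, 0)
    except ValueError:
        return None


def indicators(trace):
    """Return the set of indicator strings triggered by an iterable of trace lines."""
    found = set()
    for line in trace:
        parsed = parse_call(line)
        if parsed is None:
            continue
        api, args = parsed
        if api in KEY_OPEN_APIS and args and ACPI_VBOX_KEY.search(args[0]):
            found.add(IND_VBOX_ACPI)
        elif (api in VALUE_QUERY_APIS and len(args) >= 2
              and args[0].lower() == BIOS_KEY and args[1].lower() in BIOS_VALUES):
            found.add(IND_BIOS)
        elif (api == "NtSetInformationThread" and len(args) >= 2
              and _as_int(args[1]) == THREAD_HIDE_FROM_DEBUGGER):
            found.add(IND_HIDE_THREAD)
    return found


# Constructed trace: the first five lines mirror what the report flags; the
# last two are ordinary activity that must not trigger anything.
SAMPLE_TRACE = [
    r'RegOpenKeyExW("HKLM\HARDWARE\ACPI\DSDT\VBOX__", 0, KEY_READ)',
    r'RegOpenKeyExW("HKLM\HARDWARE\ACPI\FADT\VBOX__", 0, KEY_READ)',
    r'RegQueryValueExW("HKLM\HARDWARE\DESCRIPTION\System", "SystemBiosVersion")',
    r'RegQueryValueExW("HKLM\HARDWARE\DESCRIPTION\System", "VideoBiosVersion")',
    r'NtSetInformationThread(0xFFFFFFFE, 0x11, NULL, 0)',
    r'RegOpenKeyExW("HKCU\Software\Microsoft\Windows\CurrentVersion\Run", 0, KEY_READ)',
    r'NtSetInformationThread(0xFFFFFFFE, 0x0, 0x7FFE0000, 4)',
]

if __name__ == "__main__":
    for name in sorted(indicators(SAMPLE_TRACE)):
        print(name)
```

The key and value comparisons are case-insensitive because the Windows registry is, and the ThreadInformationClass argument is parsed numerically so that both "0x11" and "17" in a log are recognised while symbolic tokens such as NULL are ignored rather than raising.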