General
Target: tmp
Size: 737KB
Sample: 230218-p4dbcscb94
MD5: 8d013b4129e9f90f841a494190847b31
SHA1: 53cefb2945a37889b5442cc45aea28dea8a5ac22
SHA256: 5a53c1d7e6761dbe6b6ae5788cc6ffbbe78794d1eabc736251cce47c13ccfcc3
SHA512: c9152eb756d1d7ecf988c275365bb4bc4e7de7286a00893b9814d65bd6693e25be9509e1f3829db93bec629c6a9cec9252f645858bef0f6ee221b913da20dfbb
SSDEEP: 12288:OS7vhV8dsyhucBzpzsr84zykKlj1tQowfxAiMNCXMfoufjuKLtnY3jIqP:VVEspUzxs4+Wlj1TZnJfo2TwEqP
Static task: static1
Behavioral task: behavioral1
Sample: tmp.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: tmp.exe
Resource: win10v2004-20220812-en
Malware Config
Extracted
raccoon
61a50d0da0e17c26716a9c0c62e3aa4b
http://31.41.244.153
Targets
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Suspicious use of SetThreadContext