General
-
Target
Use_66656_As_Passw0rd.rar
-
Size
17.6MB
-
Sample
230221-nk4hrsge2v
-
MD5
a90a6f3e9a7941fd120ea70d93cd6e07
-
SHA1
5e530f2d2467f09310523b0df0cab5dabe04e9b6
-
SHA256
2a6ecde72991f3e1dba3d49106e26237bd95a505cd97d0b5caea59723e6fb28e
-
SHA512
ab2672a1a980d5fceddeb1b677b5e97e8278edc3efc50cd98b54f1ab1c353c52713ecd7756f166f4b7846d37b8053cc3dd04770de28c9c435b54f7af587bc79c
-
SSDEEP
393216:3K56QB9lAMCXBhw3XC3MlsHnGfcpACV2x9lcyyLz6EASiW4aITv3jw3i:a5ckHC3MaHqaylcyMPASiWvkPjD
Static task: static1
Behavioral task behavioral1 | Sample: Setup.exe | Resource: win7-20230220-en
Behavioral task behavioral2 | Sample: Setup.exe | Resource: win10v2004-20230220-en
Behavioral task behavioral3 | Sample: ccme_ecc.dll | Resource: win7-20230220-en
Behavioral task behavioral4 | Sample: ccme_ecc.dll | Resource: win10v2004-20230221-en
Behavioral task behavioral5 | Sample: icucnv67.msi | Resource: win7-20230220-en
Behavioral task behavioral6 | Sample: icucnv67.msi | Resource: win10v2004-20230220-en
Behavioral task behavioral7 | Sample: icudt67.msi | Resource: win7-20230220-en
Behavioral task behavioral8 | Sample: icudt67.msi | Resource: win10v2004-20230220-en
Behavioral task behavioral9 | Sample: vcomp140.dll | Resource: win7-20230220-en
Behavioral task behavioral10 | Sample: vcomp140.dll | Resource: win10v2004-20230220-en
Behavioral task behavioral11 | Sample: vcruntime140.dll | Resource: win7-20230220-en
Behavioral task behavioral12 | Sample: vcruntime140.dll | Resource: win10v2004-20230220-en
Behavioral task behavioral13 | Sample: x86/ACE.dll | Resource: win7-20230220-en
Behavioral task behavioral14 | Sample: x86/ACE.dll | Resource: win10v2004-20230220-en
Behavioral task behavioral15 | Sample: x86/AGM.dll | Resource: win7-20230220-en
Behavioral task behavioral16 | Sample: x86/AGM.dll | Resource: win10v2004-20230220-en
Behavioral task behavioral17 | Sample: x86/AIDE.dll | Resource: win7-20230220-en
Behavioral task behavioral18 | Sample: x86/AIDE.dll | Resource: win10v2004-20230220-en
Behavioral task behavioral19 | Sample: x86/Acrobat/Acrobat32OL.dll | Resource: win7-20230220-en
Behavioral task behavioral20 | Sample: x86/Acrobat/Acrobat32OL.dll | Resource: win10v2004-20230220-en
Behavioral task behavioral21 | Sample: x86/Acrobat/Adobe.Acrobat.Dependencies.xml | Resource: win7-20230220-en
Behavioral task behavioral22 | Sample: x86/Acrobat/Adobe.Acrobat.Dependencies.xml | Resource: win10v2004-20230220-en
Behavioral task behavioral23 | Sample: x86/Acrobat/Onix32.dll | Resource: win7-20230220-en
Behavioral task behavioral24 | Sample: x86/Acrobat/Onix32.dll | Resource: win10v2004-20230220-en
Behavioral task behavioral25 | Sample: x86/AdobeXMP.dll | Resource: win7-20230220-en
Behavioral task behavioral26 | Sample: x86/AdobeXMP.dll | Resource: win10v2004-20230220-en
Behavioral task behavioral27 | Sample: x86/BIB.dll | Resource: win7-20230220-en
Behavioral task behavioral28 | Sample: x86/BIB.dll | Resource: win10v2004-20230220-en
Behavioral task behavioral29 | Sample: x86/BIBUtils.dll | Resource: win7-20230220-en
Behavioral task behavioral30 | Sample: x86/BIBUtils.dll | Resource: win10v2004-20230220-en
Behavioral task behavioral31 | Sample: x86/CoolType.dll | Resource: win7-20230220-en
Behavioral task behavioral32 | Sample: x86/CoolType.dll | Resource: win10v2004-20230220-en
Malware Config
Extracted
raccoon
697fc5d9af6aa2a29510779d2fc54b97
http://83.217.11.27/
http://83.217.11.28/
Targets
Target
Setup.exe
-
Size
726.5MB
-
MD5
7fb6c49cde9ba5be882706ca16319623
-
SHA1
03535e4293fd4f52188ba261194b98e0bef91f91
-
SHA256
61369af747dcb743d5100549e6ae0fd34edf329b65d488fb74c7159175f87145
-
SHA512
023bfb2d408072317f3d8ea0fb1a844e90edcd28a6506f8010feaacfc89f2b004f9dad7cfea4b5f81aa07fbe18cb062c6cb6f01593da039c2bb6a52b0d231396
-
SSDEEP
196608:ZqgN7IrT5UZrWm+JLv/iyKWouNQUDN8iM:ZvNUrTCZrJ+pv/vzoujK
Score: 10/10
Target
ccme_ecc.dll
-
Size
548KB
-
MD5
19f2641706952f221d5f1066d064db4d
-
SHA1
84bf37c1bd5cb3f35cd2aa934cd9c17cb2690282
-
SHA256
cd87094bdb78dbff8a593bef3952495414b2256eb75ac2d466da276d17e8bd9f
-
SHA512
155a8d9fe2fe238cbc341cb0f088b5be0b58bc2f0ab70eae488972c0e8cd0e16ae3afef64ab96e0c63f14ac53b2ab167f906e2b94bec7ba87b494121edf5ed67
-
SSDEEP
6144:Ra3lDLZaFal9tiA1GzrTJdln27EEvdABkVJAOlRs5DIcxkjSuo64hTQ0IL0QpC7K:RUlD9aFal94PDlGuBk3Js5DIqjv
Score: 1/10
Target
icucnv67.dll
-
Size
15KB
-
MD5
c89f7b63c258a2d8b68a4bdaf5bbb2d4
-
SHA1
b1181f70adef2cfc1b884aa4a895984843ca326c
-
SHA256
ee7e175ca56e43932878a617e3a1ac3c005e33ad6964277fea811417ca10d2f2
-
SHA512
39ca6c5ad801795bbaafe1c85719afdd7ced663ac2fb6530130797a40cd4ed7047d33292c5b41601408488cb5ed4926f9e0744d158a44b128bf517e0562d6e47
-
SSDEEP
192:+0NMi7v56dIYiYF8rVs9+qARHk/2WJfsHR9y2sE9jBFL2UzZ9O:+06iuIYiI9yHk/24i/8E9VFL2Ut9
Score: 8/10
Blocklisted process makes network request
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
Target
icudt67.dll
-
Size
15KB
-
MD5
d73b8ebe06c05cddad49297f668b481e
-
SHA1
44b139944043d4c4c5a33e1782cd8256f3fa70aa
-
SHA256
6bb13375779535aa693f51038540381efba654676b1471a10b61c5ad616fb81e
-
SHA512
8dfe75a0219fa67803da33adea82f6e08fd568c938adad3174f9248f060306e4725852282538691a22fff29a9cd50af66c9d884c94f15c9ed392b9f3048844d6
-
SSDEEP
192:NFNMi7v56OIYiYF8rVs9+qARrk3WJfsHR9y2sE9jBFL2UzZQp:NF6idIYiI9yrk34i/8E9VFL2UtQ
Score: 8/10
Blocklisted process makes network request
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
Target
vcomp140.dll
-
Size
176KB
-
MD5
884c6f8718fd95c25e16a4789ae3bf7a
-
SHA1
33f7e6846498871927d21bed11cc4ef41804112a
-
SHA256
f8d8aca399a0f7e40b2993584404b31f13bf18ea657a5feb85b37b15a249a275
-
SHA512
48384af2f6359ca3ee6996fc34df8c357164097f0c0c5cb30f5bd080baa6af3b4bcada17fb94933a99955f97c4ac0e554ca2373a5638e29db84e8318165c7b0c
-
SSDEEP
3072:+Pr3XpMvAiR3LQpxELm3uFX1TfgZhPlUDJR9ZURc/5:+znSvAiO+m3uFFOj+O6/5
Score: 3/10
Target
vcruntime140.dll
-
Size
94KB
-
MD5
11d9ac94e8cb17bd23dea89f8e757f18
-
SHA1
d4fb80a512486821ad320c4fd67abcae63005158
-
SHA256
e1d6f78a72836ea120bd27a33ae89cbdc3f3ca7d9d0231aaa3aac91996d2fa4e
-
SHA512
aa6afd6bea27f554e3646152d8c4f96f7bcaaa4933f8b7c04346e410f93f23cfa6d29362fd5d51ccbb8b6223e094cd89e351f072ad0517553703f5bf9de28778
-
SSDEEP
1536:yDHLG4SsAzAvadZw+1Hcx8uIYNUzUnHg4becbK/zJrCT:yDrfZ+jPYNznHg4becbK/Fr
Score: 3/10
Target
x86/ACE.dll
-
Size
1.1MB
-
MD5
d0ae82cdf9911bec3eddda128602af04
-
SHA1
58e167521f2b028d03aeb6c926d34c2c969fa9c6
-
SHA256
f9675304d13efaee32e6b4a3317b64231a59b684532a898d12b4e7ed88518afd
-
SHA512
c1520462a8e02ab09e2a101207e88cf6861b48c32b7c2523047251496479740a84987fb19aba4dc8610abe2c81e5f7dbc80c51b8667f4953e17dda583d27557d
-
SSDEEP
24576:tmGLzPLOXbuKR17zBXE+MXRHRg2yTEg863NzSxoopoo+F:v3jOyY7zB0+MXRHRg2iBrdzSqF
Score: 1/10
Target
x86/AGM.dll
-
Size
5.8MB
-
MD5
b39b8d45413692ff856e9ba907256c2f
-
SHA1
ab06b594a57b8bbe0f4c4ba80a12129953521667
-
SHA256
ee32f4cbba3a601d57064695a8ed5955e1b9af984110d34504b8d5ebb132c084
-
SHA512
1dcc8bbbc55ac27b0a0b96e28de73338b972e2998bc9c33439c32b721de811b2c9ecf6d7953dfbdfadcbcc0c64f56871d09ae953a449c516578e9e8b3e1df661
-
SSDEEP
98304:lUpuc5sPE5fMZywrovF+rMnV17FVgvhiWaOuBue5SlIN:cuMCEZ3wrovF+a5Z
Score: 1/10
Target
x86/AIDE.dll
-
Size
2.0MB
-
MD5
ad388ce4c2cc3aaff605994da782d57e
-
SHA1
f43c3f588c77a34e8b81b63247ac1d7657016050
-
SHA256
d3ba1adbfeef8f19e4aa570299c06d39a87dfc5fe3d85946270b722e44dacda7
-
SHA512
f8e8f0fc5d8e01f8afe1aac55d3a301fa0019c6e80099616abf5a41c09aeabd0294e4391ddac170c2cd5bcff0b9e9cb4b559a2eca50a273e398083542065e27b
-
SSDEEP
49152:h50rEANbHm4w0H5QZXjr/nZA9XANcZ4T5lQ:b0rEcbG4w0H5QZTrnZEmlu
Score: 3/10
Target
x86/Acrobat/Acrobat32OL.dll
-
Size
200KB
-
MD5
18e5a6296e02efb842fb3d11ca0c7c63
-
SHA1
1a774bc3ec960bf1d639b883ba34de0a101748a8
-
SHA256
629b4cef2c394c6a1fad37e5ac6f497b3bdac489270d54f4e98c5dfc925ea883
-
SHA512
66fe300a275d0dc403479668a3120e6eb9a84a28736e64b24afc37298e556589b40c191a83f5871b2ad1778e0a8a65f7a0878f29d409b2efb9d51531854c5198
-
SSDEEP
6144:tbL7Ohthut5BCRVS989WUY+7F4C9WOOS0mvpMJDJ2C7ejmj:xL7ObhG5BZUYiF4C9WOOS0m+JD
Score: 1/10
Target
x86/Acrobat/Adobe.Acrobat.Dependencies.manifest
-
Size
298B
-
MD5
7bae8b27f113f2c1bdc4181b99117fe9
-
SHA1
541f5fa5fa52885e0068a6b891537f254e334609
-
SHA256
dae02d5688314c66f9001728eeff6010e8af413867dfe4982b6b2c66625d9bb1
-
SHA512
803342e6b91c444128e3fec7e8f64757ec3531e4e4efb5e00a7ae4d7b1fc1cf1d4a42d20b1d986c1a4090567abee79be657983253bd9e8cfdd121a5cbdfc0849
Score: 1/10
Target
x86/Acrobat/Onix32.dll
-
Size
745KB
-
MD5
e03d8bbcf584de58500efdac4c7b6a97
-
SHA1
7aac481128eda876bc111b0cb33e202c68ef1f93
-
SHA256
58cc0c31514e89a743c9b96c7892c256cd9daaa18bdcff784b8ddb1d5c15a163
-
SHA512
eb3346b4d93137476f57eb43c87e4160b5d85431e2e9a75fbf4250161414d290eead6bcdadb290e23f13158ea265da880ddef1cad4b12cce60c0fa9d4f95c3d2
-
SSDEEP
12288:JPuGQm/KqPd7dg3EPctRuVcnQUFkZrBzKWe5p7MQnowzk7NugLqKiaC3P2nYs8rh:gGQm/KqPd7dg3EPctRuVcnQUFkZrBzKz
Score: 3/10
Target
x86/AdobeXMP.dll
-
Size
887KB
-
MD5
7c3033588c1a187918cf3fd246069a3f
-
SHA1
2b637a9d37de604ae8e98fcbc73746ccc0402b31
-
SHA256
e958f4ed8272a96e599ff9f0a79331e7b5109104a9d20d3f760c7eb162daf7e0
-
SHA512
80d513d25477081c84af87e8127a02bb332204ad7399ac653a27ca726e446fd25518d36189bf90b10cbf34119d35501e006a2e06dbca5a96dc2348aff6b6fe91
-
SSDEEP
24576:7CaZsdfNjJaN0OdQfLCKVkDavzVi5p5bafAAy4:7ZspNQVQdkahi5zaf5R
Score: 3/10
Target
x86/BIB.dll
-
Size
119KB
-
MD5
404de37b800b661ebfaa218b20c8c0c6
-
SHA1
2a2416b663ee9d9ec6325d2c70bf05be27a73eac
-
SHA256
ca53407b356fcdea51a6d536447ed6b88ad14c87facf421080d141cae837eedc
-
SHA512
e6d66bcb0da4ca5456dab376385c73a918fc13c4b0ab9a05d2324dbb7a9fcf197d727acfbedb15e55452b916c9afde0ed01b233868a88ae0f34ee01306289430
-
SSDEEP
3072:x9mmiJ1WvqJ7fW7n/WY0EZrZsibdumKr9igRsNpKN02+OzHwn:TkaqJi7M0dO
Score: 1/10
Target
x86/BIBUtils.dll
-
Size
170KB
-
MD5
79622b56347c1fd44b74bd4ea74cb813
-
SHA1
51c1e13a4b5aad657c570149c529dd4963adf77a
-
SHA256
0f2b3d012a9abe420bc36c62847bba6ca4478ceebc018bad2b19f22d481fcc10
-
SHA512
ebc329e0d1d869107043e5b0a0e05d4322fa0a2bbc2c30411d51ce1b4b33778ee94f82ad072cc8cf75222f488e52bf52dfb7481edfdef3e39fd58259685ad195
-
SSDEEP
3072:0VMWnX3e6TCL2ssOGpibdy1ZLKDZW7TPtAlgeoVA/sis/zquLtyQh1g:0JnHeKk2s03q0nh
Score: 1/10
Target
x86/CoolType.dll
-
Size
3.2MB
-
MD5
6fb9f15b6a1dd1ee9cdb9b4ef290d69e
-
SHA1
c5955655e9b96004a72bbb09aa72996f3ddaa539
-
SHA256
d4a0db913fa555808ce627114fe6e2725970499c70364edbedf47d907d52242d
-
SHA512
24be26d2e0dc3e05f786ce3eee815247261fe99e1bff08e689d71bf68e7d5340e942aaaefd9203569f63c23a5f5cb46c1ff6a2d91f2753fd6d78240fffa7beed
-
SSDEEP
49152:37sVoVC47fsPVTs57ovd2MMg6NYpnd3EQUyfha+P/u6LSXvowU7u9qRXApP4Cqrt:37RCwfsdTk+dlb73ELyfhlf9K4Cqi3
Score: 3/10