General
Target: b6c63317d884b7fef58431c1ca61fd85438246a23c3e6920b3584741cc455846.zip
Size: 3.2MB
Sample: 230321-r4fgtsbd68
MD5: 74f1461cf41558461253d27bd0595e00
SHA1: 44c95dc8400239aa31859ab43b39db2c409ea1cd
SHA256: a7d75810d2d2a82e4d554f774bf84336dcb06f20f1d1ba23253a223c53e025cb
SHA512: fb8f2af0a314d1cc99815b845adf1d5cdfc94d4adab83cc9bfc966cbd73b34a6d13e8ce816d0f53e936544fdc578712b0975aa234e508481b9490fd425f5eff1
SSDEEP: 49152:5Tu04U07+W6W/FobXzamNdnF8xP5Mekgmb2C0bcQ/3gJwjtI8mr/uYKEbBKr0IqJ:l2+W+zb7IPh0bqh/MmtIl/u9P356pwg
Behavioral task: behavioral1
Sample: b6c63317d884b7fef58431c1ca61fd85438246a23c3e6920b3584741cc455846.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: b6c63317d884b7fef58431c1ca61fd85438246a23c3e6920b3584741cc455846.exe
Resource: win10v2004-20230220-en
Malware Config
Extracted
raccoon
540b1db0b12b23e63e6942952aa03e47
http://45.9.74.36/
http://45.9.74.34/
Targets
Target: b6c63317d884b7fef58431c1ca61fd85438246a23c3e6920b3584741cc455846.exe
Size: 20.0MB
MD5: 4920bdeb33972d9f4ef1f4d598fb3bb7
SHA1: 043c5ee1e45accffa8d02c88fe65338c92606d74
SHA256: b6c63317d884b7fef58431c1ca61fd85438246a23c3e6920b3584741cc455846
SHA512: 5b6b1f5912ef401b75dfb0a5cf9f1048a065bb44bc6c5c65e5de316250039ae61230015f6802f629d2e60409c818b3831b5013517449f8eff300bf0064b394d9
SSDEEP: 98304:3Vde8FivCeGDRsiSc/XBgZrzyWGgRSL6O2jSk6adBNWuz+VRD0MbQt:HZFwAur6XBazEgRSSjS5aT1z+/D0yQt
Downloads MZ/PE file
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.