General
-
Target
Files_Password_7890.rar
-
Size
17.0MB
-
Sample
230328-31lefsdh95
-
MD5
9df3584d599dfb14b4c663f0cca7a7fb
-
SHA1
31d05d21c937dd9b21e630100efba85fc6a54a20
-
SHA256
226ef7aa06959ada405da6cbdf16e03ed0be29b6cebfb4112096bbe10b835b98
-
SHA512
3b9c665034f742926e05c79d28bf71cda4cb1696b9c6000de090db7def78ba77ee7cb12074bea258945f09c63bbb16a80faf06d4c5dbec253974021a331dada6
-
SSDEEP
393216:dC4rlj+K31pSjK7j5zrHpll0QjKAju72kOCggGlj42kqLSQY6:d74K3rSiHr/Z42Rlc2VLSN6
Static task
static1
Behavioral task
behavioral1
Sample
Files_Password_7890.rar
Resource
win7-20230220-es
Behavioral task
behavioral2
Sample
Files_Password_7890.rar
Resource
win10v2004-20230220-es
Malware Config
Extracted
raccoon
01ce0bf18c5eb0152a13b2ee5d4d8adc
http://37.220.87.69
http://83.217.11.6
Targets
-
Target
Files_Password_7890.rar
-
Score
10/10
-
Executes dropped EXE
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-