General
-
Target
https://cdn.discordapp.com/attachments/1085538178498314340/1090705202878873690/Your_Full_Setup_Downloaded.zip
-
Sample
230330-nmra8adh6t
Static task
static1
URLScan task
urlscan1
Behavioral task
behavioral1
Sample
https://cdn.discordapp.com/attachments/1085538178498314340/1090705202878873690/Your_Full_Setup_Downloaded.zip
Resource
win10v2004-20230220-en
windows10-2004-x64
14 signatures
150 seconds
Malware Config
Extracted
Family
raccoon
Botnet
050dad105856ba55897f2cb8fb7dd979
C2
http://94.142.138.174/
rc4.plain
Targets
-
-
Target
https://cdn.discordapp.com/attachments/1085538178498314340/1090705202878873690/Your_Full_Setup_Downloaded.zip
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-