General
Target
https://mega.nz/file/341xBZQJ#w_qd3vfstI9QqOqXWa0C8JX4FqvkAnRfYOZj1h24BEY
Sample
230331-wqny9sdf4v
Static task
static1
URLScan task
urlscan1
Behavioral task
behavioral1
Sample
https://mega.nz/file/341xBZQJ#w_qd3vfstI9QqOqXWa0C8JX4FqvkAnRfYOZj1h24BEY
Resource
win10v2004-20230220-en
windows10-2004-x64
16 signatures
300 seconds
Malware Config
Extracted
Family
raccoon
Botnet
01ce0bf18c5eb0152a13b2ee5d4d8adc
C2
http://37.220.87.69
http://83.217.11.6
rc4.plain
Targets
Target
https://mega.nz/file/341xBZQJ#w_qd3vfstI9QqOqXWa0C8JX4FqvkAnRfYOZj1h24BEY
Executes dropped EXE
Adds Run key to start application
Suspicious use of NtSetInformationThreadHideFromDebugger