General
- Target: Latest_Setup1_FullNew_Version.rar
- Size: 16.1MB
- Sample: 230401-cq4j6sgf81
- MD5: 45389d7df337ce42623655e4b072899b
- SHA1: b8434572aa3ec8be8adcce4819465302e3e10086
- SHA256: 5374d9474834b553f270ec7803560c6618207f67eefb01abc714eea827e44856
- SHA512: d13a550d71d1f6624aaa4decdf974c3f64bbc82efd68f7921ebee54b3724a373790d018be64c94934355dbd28725dce296af6462a80e05ebc2ff77c524ae0376
- SSDEEP: 393216:QaijhO38CogSyvLRP0T1c1DJOD+1EOgeFoqH6z+t:QaWE1ypcTq0Na6t

Static task
- static1

Behavioral task
- behavioral1: Sample Latest_Setup1_FullNew_Version.rar, Resource win7-20230220-es
- behavioral2: Sample Latest_Setup1_FullNew_Version.rar, Resource win10v2004-20230220-es

Malware Config
- Extracted: raccoon
- 13718a923845c0cdab8ce45c585b8d63
- http://45.15.156.143/
Targets
- Target: Latest_Setup1_FullNew_Version.rar
- Size: 16.1MB
- MD5, SHA1, SHA256, SHA512 and SSDEEP: identical to the values listed under General
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
- Drops file in System32 directory
- Suspicious use of NtSetInformationThreadHideFromDebugger