General
Target: trrr.zip
Size: 12.8MB
Sample: 230404-g85x6sfb5s
MD5: c4145100c16b081164009577da27a092
SHA1: 878125572e6c466ae05972f4e79b8ba0ecd22b85
SHA256: d89661cd71c3e3f7f74e181edf0353e8a62cca1221d6d38a01ccdd61129d7249
SHA512: 59c16725740cbdedc1b19c313548f540e8a091ea586146313be63d6a1c1195e93c8284f8c4f88f5ad00f4565de761e41aacfd8a0e81c2c664e7a073d9b32b873
SSDEEP: 196608:ZCc7a5yPdmizLbIIFijpO55lOb8FPH8JJa7cV89cB23RbFnJ12GAjJ0WdSb1mnXK:QW4y1z1FFU8tcPaIVAcEVFnJ1Npk6
Static task: static1
Behavioral task: behavioral1
Sample: trrr.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: trrr.exe
Resource: win10v2004-20230220-en
Malware Config
Extracted
raccoon
717609e6131226f92ce8ce08c34305be
http://37.220.87.66/
Targets
Target: trrr.exe
Size: 13.1MB
MD5: 72066f969e998d032d33e1ccc402c4fb
SHA1: 6496b013fa2ea1fb5b29d59c757c1297e79be4ef
SHA256: 532fd449b9bdf63d81f3a19c1bbae99b24f12a2714f1ba9ddd6b514d595677c2
SHA512: 19169c15acb442a96fd0ece2825160acc235f353c1a25c7b3245fa437af7afefbd0a85f004eb8889b3f2fb1c91629752b33b7536bf9af2a0e96e2e87cca2579b
SSDEEP: 393216:Vj+B2lHxU9hyBOTecFVt5zsYpy/Bcqm36a+:t+UlHxU9hyMjFD5zuBBmF+
Score: 10/10
Suspicious use of NtSetInformationThreadHideFromDebugger