Overview
Score
10/10
General
Target
version_2.6_2023.rar
Size
38.6MB
Sample
230420-zzrnasec6z
MD5
a5f0fcca435bc4c13a599df48bbed52c
SHA1
ee1a7371345c661084aef6239bd58d072204d9e4
SHA256
ca4bc63b5ab20803f45b51af345a28435128b4f703ec621d49ecafcba07b473a
SHA512
2ff6c488cd2102ea1d266d57b5cf1df20579fa11be1497d0651644edb2a7d4e7f58eebe8b5699ba813047909ce0e03a40bc2881e28a15663166eab372c927e32
SSDEEP
786432:haizEh7mfvPT3HqCLeDblmdFXekRRkRgikRxqM5PYGl3fccYOgTB0Bmma:siEh7uT3KCSF2FXekRRkRgiooM5Pl3fi
Static task
static1
Behavioral task
behavioral1
Sample
version_2.6_2023.rar
Resource
win10v2004-20230221-en
Behavioral task
behavioral2
Sample
version_2.6_2023/dаtа/2103_23.unr
Resource
win10v2004-20230220-en
Behavioral task
behavioral3
Sample
version_2.6_2023/dаtа/Debug/Cracker.dll
Resource
win10v2004-20230220-en
Behavioral task
behavioral4
Sample
version_2.6_2023/dаtа/Debug/DebugPPF.tmp
Resource
win10v2004-20230220-en
Behavioral task
behavioral5
Sample
version_2.6_2023/dаtа/Debug/DebugPPT.tmp
Resource
win10v2004-20230220-en
Behavioral task
behavioral6
Sample
version_2.6_2023/dаtа/Debug/Main.xml
Resource
win10v2004-20230221-en
Behavioral task
behavioral7
Sample
version_2.6_2023/dаtа/Debug/Management.log
Resource
win10v2004-20230220-en
Behavioral task
behavioral8
Sample
version_2.6_2023/dаtа/Debug/Utils.xml
Resource
win10v2004-20230220-en
Behavioral task
behavioral9
Sample
version_2.6_2023/dаtа/Debug/updater.ini
Resource
win10v2004-20230220-en
Behavioral task
behavioral10
Sample
version_2.6_2023/dаtа/Main.ini
Resource
win10v2004-20230220-en
Behavioral task
behavioral11
Sample
version_2.6_2023/dаtа/Packaged/Language.pimx
Resource
win10v2004-20230220-en
Behavioral task
behavioral12
Sample
version_2.6_2023/dаtа/Packaged/Resource.dll
Resource
win10v2004-20230221-en
Behavioral task
behavioral13
Sample
version_2.6_2023/dаtа/Packaged/Utils.xml
Resource
win10v2004-20230220-en
Behavioral task
behavioral14
Sample
version_2.6_2023/dаtа/Packaged/client.dll
Resource
win10v2004-20230220-en
Behavioral task
behavioral15
Sample
version_2.6_2023/dаtа/Packaged/core.pbo
Resource
win10v2004-20230220-en
Behavioral task
behavioral16
Sample
version_2.6_2023/dаtа/Resource.dll
Resource
win10v2004-20230220-en
Behavioral task
behavioral17
Sample
version_2.6_2023/dаtа/x32-x64.dll
Resource
win10v2004-20230220-en
Behavioral task
behavioral18
Sample
version_2.6_2023/uр_lоader.exe
Resource
win10v2004-20230220-en
Malware Config
Extracted
raccoon
f26f614d4c0bc2bcd6601785661fb5cf
http://37.220.87.66/
Targets
Target
version_2.6_2023.rar
Size
38.6MB
Score
3/10
Target
version_2.6_2023/dаtа/2103_23.unr
Size
16.1MB
Score
3/10
Target
version_2.6_2023/dаtа/Debug/Cracker.dll
Size
56KB
Score
1/10
Target
version_2.6_2023/dаtа/Debug/DebugPPF.tmp
Size
11KB
Score
3/10
Target
version_2.6_2023/dаtа/Debug/DebugPPT.tmp
Size
11KB
Score
3/10
Target
version_2.6_2023/dаtа/Debug/Main.ini
Size
1KB
Score
1/10
Target
version_2.6_2023/dаtа/Debug/Management.log
Size
8KB
Score
1/10
Target
version_2.6_2023/dаtа/Debug/Utils.dll
Size
1KB
Score
1/10
Target
version_2.6_2023/dаtа/Debug/updater.ini
Size
1KB
Score
1/10
Target
version_2.6_2023/dаtа/Main.ini
Size
24KB
Score
1/10
Target
version_2.6_2023/dаtа/Packaged/Language.pimx
Size
22KB
Score
3/10
Target
version_2.6_2023/dаtа/Packaged/Resource.dll
Size
10.7MB
Score
1/10
Target
version_2.6_2023/dаtа/Packaged/Utils.dll
Size
1KB
Score
1/10
Target
version_2.6_2023/dаtа/Packaged/client.dll
Size
15.6MB
Score
1/10
Target
version_2.6_2023/dаtа/Packaged/core.pbo
Size
4.2MB
Score
3/10
Target
version_2.6_2023/dаtа/Resource.dll
Size
10.7MB
Score
1/10
Target
version_2.6_2023/dаtа/x32-x64.dll
Size
56KB
Score
1/10
Target
version_2.6_2023/uр_lоader.exe
Size
963.1MB
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Adds Run key to start application
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.