General

  • Target

    Office 365.zip

  • Size

    4.1MB

  • Sample

    230509-xkwmladd85

  • MD5

    eaa9b8c84918bf50bd5aa7365edbc609

  • SHA1

    c7e95e3c160fa402801b617e3989bb88c505ce74

  • SHA256

    5a1181c156e5a4d59ae2cc9ead5e1a610b384bdde50df9cde87e331e404629ab

  • SHA512

    875638d520504b3b0f59036babb69bb914c784f6fa4ddabdb5785406458fc0414fe2f4885ad72d87b01564b60961a24adf4ecf4ffd1a6e23cd73abbd4a067ddc

  • SSDEEP

    98304:qhxqjzGXKkHktIB1yBw5D1Ex/CL+KKhwY2sU3r:KCGX7Bj4/EKh7Ub

Score
10/10

Malware Config

Extracted

Family

raccoon

rc4.plain

Targets

    • Target

      Office 365/Setup.x86.es-es_ProfessionalRetail_NKGG6-WBPCC-HXWMY-6DQGJ-CPQVG_act_1_.exe

    • Size

      4.1MB

    • MD5

      b30a19a565ef2c04e6d9f1711fa609f1

    • SHA1

      fcd3664cdf3cb28f7f0ed5609689a9a23869fc58

    • SHA256

      30e7005e6ba24b4de415962c45c3f0649421972aebe1e51f2162da78d5ae1d47

    • SHA512

      59a6d20190f47ab5d2a6c931b2fd12262c28562f0e4ec94e10b3487d11c099e11d2f53f790489d83e5c3e2f863e9eb5727aadfa3e1d346b5c1f287aad14de0d7

    • SSDEEP

      98304:rhxqjzGXKkHktIB1yBw5D1Ex/CL+KKhwY2sU36:jCGX7Bj4/EKh7Uq

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Checks system information in the registry

      System information is often read in order to detect sandboxing environments.

MITRE ATT&CK Matrix (ATT&CK v6)

Discovery

  • Query Registry (T1012)

    5

  • System Information Discovery (T1082)

    5

Tasks