General
Target
c5674099c10fc02100253a248cd1d4f9.bin
Size
192KB
Sample
230514-cc6sdaac93
MD5
5725b529b067a1a5f80784dd8061e037
SHA1
5fb2fa7d40a33cd6111c41fe407b2d486a3add7d
SHA256
79def32819cf19e69a73c644a5c910318d8efe56d1103e088d08fb0529ad1a99
SHA512
c88798c341b16b81d0ccf878f500c8c1d5f7c33a5c80333b1525ed0d6d7df02efc8c27798e19f7a9fdab1e3e338d7b7f7c304b1b2255468ffe649f78cc99ea7b
SSDEEP
6144:NjLVrXnYJuiEMRP2SB3emDlgvhf6/drzYkNh5g8:NjtXnENTRdOqlGhfAd/YkNx
Static task
static1
Behavioral task
behavioral1
Sample
d6832a537c3e0be47b10e40736bed91c4768ace163b110d96c6700aabe6c5fb3.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
d6832a537c3e0be47b10e40736bed91c4768ace163b110d96c6700aabe6c5fb3.exe
Resource
win10v2004-20230220-en
Malware Config
Extracted
raccoon
073a56fe38eae9c7effa31d6284ce988
http://5.39.117.99/
Targets
Target
d6832a537c3e0be47b10e40736bed91c4768ace163b110d96c6700aabe6c5fb3.exe
Size
332KB
MD5
c5674099c10fc02100253a248cd1d4f9
SHA1
489a0dc2967bf1e0dd30e984eeaff4cd07ab8dae
SHA256
d6832a537c3e0be47b10e40736bed91c4768ace163b110d96c6700aabe6c5fb3
SHA512
4c13a467a70a425d366d94dd2ba45fd8b7f3d12705aea99d418fa76be6d26bf37c6cd5d9363890be7dc69add4ff488aff6a4cdbd346851eea73cae0887d0e4cc
SSDEEP
6144:xMtTVz4Zwp+e50XrDkodpbMk9d2p8gSqP4p1IOq:MajX2p8gSqO14
Score
10/10
Blocklisted process makes network request
Suspicious use of NtSetInformationThreadHideFromDebugger
Suspicious use of SetThreadContext