General
-
Target
Pre_Satup1_Activate.exe
-
Size
66.0MB
-
Sample
230723-lxs7fsdg62
-
MD5
60c266e24923ebb2f88f2e29d45cc553
-
SHA1
893fa582caeca62faf5fccce950f5b654ef339c5
-
SHA256
d2a63c6d9cdda0bc062b61cf77d84259c451edfed1a01401e519bc75cfff7e8e
-
SHA512
e2c87a7c2fa8a3f07fff03505592c74a5528249c40e40573deb2a5dfc2961a99ac6f4d28324982555f7296d706901940f66e6a85e25a4492d42f1e674943fd15
-
SSDEEP
12288:cTSptB012lD9Gx/4fj0gcSyGD8Apjl4IWQAqOs/Dq1tXLi1CBpojCSguSYrsE1EP:cTam2bGwPc651uI9BCXhcjCSRrNgougc
Static task
static1
Behavioral task
behavioral1
Sample
Pre_Satup1_Activate.exe
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
Pre_Satup1_Activate.exe
Resource
win10-20230703-en
Behavioral task
behavioral3
Sample
Pre_Satup1_Activate.exe
Resource
win10v2004-20230703-en
Malware Config
Extracted
raccoon
5ec3a3775a41038ee7acd6146ee95411
http://94.142.138.6:80/
Targets
-
-
Target
Pre_Satup1_Activate.exe
-
Size
66.0MB
-
Score
10/10
-
Raccoon Stealer payload
-
Executes dropped EXE
-
Suspicious use of SetThreadContext
-