General
-
Target
2048cb0d7439e09892c08c6975704a75
-
Size
484KB
-
Sample
231230-3m7erseeen
-
MD5
2048cb0d7439e09892c08c6975704a75
-
SHA1
d9d66a257e6c37b7a85719be64600b70375de1f2
-
SHA256
f0f9df0459d33fbba7247c6fae79c464fb6eae8c258c47d9aa258e4ad32aa719
-
SHA512
89499a9ed87132f57b0d97e54f4f2877e2206c5a116efdfb904fcff0afc34180ae7a9a452433ffeaecb38d0a7adfc06215bb7c9ef0d8891793ce91ae954edc9d
-
SSDEEP
12288:v2ojOJ4n5Obt7eIeBqljvEbgX7RryxdmLoZG+tqF:vvVOb5eyNvbxadoaqF
Static task
static1
Behavioral task
behavioral1
Sample
2048cb0d7439e09892c08c6975704a75.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
2048cb0d7439e09892c08c6975704a75.exe
Resource
win10v2004-20231215-en
Malware Config
Extracted
raccoon
1.7.3
263049c95b59877087d6632883c6317f7ab9f0ea
-
url4cnc
https://tttttt.me/ja0jankofranko2
Targets
-
-
Target
2048cb0d7439e09892c08c6975704a75
-
Raccoon Stealer V1 payload
-
Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
-
Suspicious use of SetThreadContext
-