Analysis
-
max time kernel
125s -
max time network
139s -
platform
windows7_x64 -
resource
win7-20240704-en -
resource tags
arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system -
submitted
21-08-2024 03:27
Behavioral task
behavioral1
Sample
2024-08-21_bee6f5644aacc01a604c7842c758dff6_avoslocker_cobalt-strike_raccoonstealer.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
2024-08-21_bee6f5644aacc01a604c7842c758dff6_avoslocker_cobalt-strike_raccoonstealer.exe
Resource
win10v2004-20240802-en
General
-
Target
2024-08-21_bee6f5644aacc01a604c7842c758dff6_avoslocker_cobalt-strike_raccoonstealer.exe
-
Size
564KB
-
MD5
bee6f5644aacc01a604c7842c758dff6
-
SHA1
50b87889f15ebd7253dde6f1b8f83c8bd891255a
-
SHA256
d50a585ad2750f8cefade2741466ae2c4d37f2014b5471777b4fe1a3811f7070
-
SHA512
6d2dd32cb27b430db1fcf908a53e80e796327d8770a54293ef3e2818be538b1f317f3dffc716041af55c2d6d035cc72df0b6828a0caff22006c26edd92dbe46f
-
SSDEEP
12288:LmW28vlqKXrW9V65s61PYEgHNWCfyBdLZFuKdj6F7LTjvbA62:LmWtvzbsV65/PYHOBZjuHVvjv062
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
Processes:
2024-08-21_bee6f5644aacc01a604c7842c758dff6_avoslocker_cobalt-strike_raccoonstealer.exedescription ioc Process Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language 2024-08-21_bee6f5644aacc01a604c7842c758dff6_avoslocker_cobalt-strike_raccoonstealer.exe
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-08-21_bee6f5644aacc01a604c7842c758dff6_avoslocker_cobalt-strike_raccoonstealer.exe"C:\Users\Admin\AppData\Local\Temp\2024-08-21_bee6f5644aacc01a604c7842c758dff6_avoslocker_cobalt-strike_raccoonstealer.exe"1⤵
- System Location Discovery: System Language Discovery
PID:2440