General
-
Target
JaffaCakes118_3028b2eb6d0aeb8a13291c7fa799ba8c39a9fa0c5af0abb56b34c903cb64741e
-
Size
727.2MB
-
Sample
241222-kng76a1pas
-
MD5
500f99c4b067fe00c0abe21a92e755fe
-
SHA1
f5fea700fb2962e39afd5d709308d5a0ce2d3b82
-
SHA256
3028b2eb6d0aeb8a13291c7fa799ba8c39a9fa0c5af0abb56b34c903cb64741e
-
SHA512
8def4c0b4f3737f764a4c9b3e82f5470b6c9fd3739a896b662fe969bdc1b1b772dacb0bb2f47d43a7ab0e49806e12c2f845fe42e25f56fa9e03269893662c45d
-
SSDEEP
98304:eljPlq3JIvhwmpT6KCtB4ptE4kBCbJVr0uhK130g+XAFNAtN51pJxGmyo:elDloJIZwmd6KnjHr0cK1rLqN/pjGmyo
Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_3028b2eb6d0aeb8a13291c7fa799ba8c39a9fa0c5af0abb56b34c903cb64741e.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
JaffaCakes118_3028b2eb6d0aeb8a13291c7fa799ba8c39a9fa0c5af0abb56b34c903cb64741e.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
raccoon
26a95afbb6bac0ccd2506a74d8cdbccd
http://51.195.166.175/
-
user_agent
mozzzzzzzzzzz
Targets
-
-
Target
JaffaCakes118_3028b2eb6d0aeb8a13291c7fa799ba8c39a9fa0c5af0abb56b34c903cb64741e
-
Size
727.2MB
-
MD5
500f99c4b067fe00c0abe21a92e755fe
-
SHA1
f5fea700fb2962e39afd5d709308d5a0ce2d3b82
-
SHA256
3028b2eb6d0aeb8a13291c7fa799ba8c39a9fa0c5af0abb56b34c903cb64741e
-
SHA512
8def4c0b4f3737f764a4c9b3e82f5470b6c9fd3739a896b662fe969bdc1b1b772dacb0bb2f47d43a7ab0e49806e12c2f845fe42e25f56fa9e03269893662c45d
-
SSDEEP
98304:eljPlq3JIvhwmpT6KCtB4ptE4kBCbJVr0uhK130g+XAFNAtN51pJxGmyo:elDloJIZwmd6KnjHr0cK1rLqN/pjGmyo
-
Raccoon Stealer V2 payload
-
Raccoon family
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-