General

  • Target

    9ae5b3d8924d251ed4799a1223da2aac

  • Size

    514KB

  • Sample

    201117-5txfswcgl6

  • MD5

    f419548a046f3238df9d95d40e3a8fdd

  • SHA1

    76fda035703781cfe5f785b8f230e7db6eef2abf

  • SHA256

    86c1ba04c2400da557124c31d3366eb792080a254e6166e7a426a27b0cd16693

  • SHA512

    cca8b94d53abde68c7fcf83fa246674cea3c607e65164d59824ec940b720560c33574c1e2e40c811667f9c685d61017eb27ca03bf671a159c4d8066ccf12f36d

Score
10/10

Malware Config

Targets

    • Raccoon

      Simple but powerful infostealer which was very active in 2019.

    • Suspicious use of NtCreateProcessExOtherParentProcess

MITRE ATT&CK Matrix ATT&CK v6

Defense Evasion

  • Install Root Certificate (T1130): 1

  • Modify Registry (T1112): 1

Tasks