3.1 KiB
3.1 KiB
List of Different Raccoon_v2 Campaigns additional payloads
Campaign 1: The boring one
| url | Detected | Loads | C2 | Sha-256 |
|---|---|---|---|---|
| hxxp://77.73.134.24/Clip1.exe | Clipper | ea39461a954cc634f226716dd740f00ea449a4f7d45b6504d83aba045b853d1e | ||
| hxxp://77.73.134.35/bebra.exe | Unknown Stealer | dbf287872ae50281d3136c7f0b890bc534439d36c9b6f594d29b6453f7656e9b |
Campaign 2: Laplas Only
| url | Detected | Loads | C2 | Sha-256 |
|---|---|---|---|---|
| hxxp://104.193.254.97/conhost.exe | Laplas Clipper | hxxp://185.223.93.251/ | 14529dca41abfea65abb51c84ec34ba0a951581586f98cef60213ae949a78320 |
Campaign 3: Github 1
| url | Detected | Loads | C2 | Sha-256 |
|---|---|---|---|---|
| hxxps://github.com/wddawdawxaw/dfvdfvdfv/releases/download/vsd/bgfbv.exe | XMRig | hxxps://github.com/dwadaxwad/dvsv/releases/download/sdv/xmrig.exe; hxxps://github.com/dwadaxwad/dvsv/releases/download/sdv/WatchNew.exe;https://pastebin.com/raw/zsgYJwx1; | Pool: xmr-eu1.nanopool.org | 8591b86016fee0267755649d008dfb73d0d7ac44ff4bb27f94585477b2eb5924 |
| hxxps://github.com/wddawdawxaw/dfvdfvdfv/releases/download/vsd/GUI_MODERNISTA.exe | A downloader for cracked software. Comes with pw protected zips, might load additional malware | hxxps://exp-soft.org/ (EvilCrackz Store) | 7e84d74990b3b4a9807b3072a2637c0c7035b2e9bc4f6e603b9f1766172fbf3e | |
| hxxps://github.com/wddawdawxaw/dfvdfvdfv/releases/download/vsd/ghxkehgertedtyp.c.exe | Laplas Clipper | hxxp://212.113.106.172 | 00978d16ecc2b0f6cf039b3bef087a8542d2092d8f95f36104f2329f7bf362dc | |
| hxxps://github.com/wddawdawxaw/dfvdfvdfv/releases/download/vsf/vawax.exe | Laplas Clipper | hxxp://212.113.106.172 | 2dd1f46406e90b8b57ac49bdba45e4f279db5604921df3921f945e72c28d6820 |
Campaign 4: Github 2
| url | Detected | Loads | C2 | Sha-256 |
|---|---|---|---|---|
| hxxps://github.com/wddawdawxaw/dfvdfvdfv/releases/download/vsd/GUI_MODERNISTA.exe | A downloader for cracked software. Comes with pw protected zips, might load additional malware | hxxps://exp-soft.org/ (EvilCrackz Store) | 7e84d74990b3b4a9807b3072a2637c0c7035b2e9bc4f6e603b9f1766172fbf3e | |
| hxxps://github.com/Fedor1977/project1-22/releases/download/gam1/sdfsdfs.exe | XMRig | hxxps://pastebin.com/raw/M9Q6haRa;hxxps://github.com/dwadaxwad/dvsv/releases/download/sdv/xmrig.exe;hxxps://github.com/dwadaxwad/dvsv/releases/download/sdv/WatchNew.exe | Pool: xmr-eu1.nanopool.org | a5ea48e864640a9562da03abdd54cfa617a4699cec0238299bdda5ccb28cfe8d |
| hxxps://github.com/Philip20042023/games/releases/download/abu_game/clifdthjsjkdgaoker.exe | Laplas Clipper | hxxp://185.174.137.94 | ece100b8240f7eb032cb319a019eba1552ac19f563a291cf8422b1090ccf9b76 | |
Campaign 5: 2 loaded, 2 in opendir
| url | Detected | Loads | C2 | Sha-256 |
|---|---|---|---|---|
| hxxp://185.106.92.140:8080/Slava.exe | Unknown Stealer | f9c21532868a2cd3cbeaa22f92c237cb73bff27d73fc49716d81c89eedb72be9 | ||
| hxxp://185.106.92.140:8080/goland.exe | Laplas Clipper | hxxp://185.106.92.104 | 58c0d2f945207a56f5baefbb320d7ddbd01089205025de05133db173281e65e2 | |
| hxxp://185.106.92.140:8080/neee.exe | Laplas Clipper | hxxp://185.106.92.104 | 348014d89503967f134b988559b2ac694e0d3256708bbf7d8b96aa8c49fe1057 | |
| hxxp://185.106.92.140:8080/cockkieeAC.exe | Unknown Stealer | adcf0ee814651b8a561d827d7ecc7a9aee660a950511c1ffae7d16f426f8de14 |