raccoon | e93548a1cbb3688e11b0eb6d4682ceee5df0ed380c703133b9f3e7455b8405e3 | Triage

Submit
Reports

Overview

overview

Static

static

e93548a1cb...e3.exe

windows7_x64

e93548a1cb...e3.exe

windows10_x64

Sharing

General

Target

e93548a1cbb3688e11b0eb6d4682ceee5df0ed380c703133b9f3e7455b8405e3
Size

403KB
Sample

201106-wyb99lkt9a
MD5

ecfb302b469218cdb9806aa24229a73e
SHA1

317ed53f41dd3e88fa6db2b36c0454391ceab8ca
SHA256

e93548a1cbb3688e11b0eb6d4682ceee5df0ed380c703133b9f3e7455b8405e3
SHA512

8f37ef7a5565059bb2aba9c5a4be838ebc50a8c54b0afc70571b05d15ddd47fe9d0eb6412bd51eee02f1076bff388ea70397d7ab310bd55ea736c043944c90b2

Score

10^/10

raccoon discovery spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

e93548a1cbb3688e11b0eb6d4682ceee5df0ed380c703133b9f3e7455b8405e3.exe

Resource

win7v20201028

raccoon discovery spyware stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

e93548a1cbb3688e11b0eb6d4682ceee5df0ed380c703133b9f3e7455b8405e3.exe

Resource

win10v20201028

raccoon discovery spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  e93548a1cbb3688e11b0eb6d4682ceee5df0ed380c703133b9f3e7455b8405e3
- Size
  
  403KB
- MD5
  
  ecfb302b469218cdb9806aa24229a73e
- SHA1
  
  317ed53f41dd3e88fa6db2b36c0454391ceab8ca
- SHA256
  
  e93548a1cbb3688e11b0eb6d4682ceee5df0ed380c703133b9f3e7455b8405e3
- SHA512
  
  8f37ef7a5565059bb2aba9c5a4be838ebc50a8c54b0afc70571b05d15ddd47fe9d0eb6412bd51eee02f1076bff388ea70397d7ab310bd55ea736c043944c90b2
Score

10^/10

raccoon discovery spyware stealer
- Raccoon
  Simple but powerful infostealer which was very active in 2019.
  stealer raccoon
- Deletes itself
- Loads dropped DLL
- Reads user/profile data of local email clients
  Email clients store some user data on disk where infostealers will often target it.
  spyware
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- JavaScript code in executable
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

raccoondiscoveryspywarestealer

behavioral2

raccoondiscoveryspywarestealer

© 2018-2024

Terms | Privacy