General

  • Target

    edbc2fdaea1c75a2817bd067b44c19c1949954b1649e60061878bbfdbe01b6be

  • Size

    479KB

  • Sample

    201108-45m9lfffns

  • MD5

    4ddccd8fdc82ef5a6e0fec9e9bb7a4fc

  • SHA1

    843e7b6a79aabfa51c1140f02a994a4202804a67

  • SHA256

    edbc2fdaea1c75a2817bd067b44c19c1949954b1649e60061878bbfdbe01b6be

  • SHA512

    4282ef46613cafd2e347fbba8089e78b9779f339cd943880ee2f82ef982b9b52282ffcdd05d06379d6960f8ee164487dad804cee5fc1c09323d02b4369e8d65f

Malware Config

Targets

    • Target

      edbc2fdaea1c75a2817bd067b44c19c1949954b1649e60061878bbfdbe01b6be

    • Size

      479KB

    • MD5

      4ddccd8fdc82ef5a6e0fec9e9bb7a4fc

    • SHA1

      843e7b6a79aabfa51c1140f02a994a4202804a67

    • SHA256

      edbc2fdaea1c75a2817bd067b44c19c1949954b1649e60061878bbfdbe01b6be

    • SHA512

      4282ef46613cafd2e347fbba8089e78b9779f339cd943880ee2f82ef982b9b52282ffcdd05d06379d6960f8ee164487dad804cee5fc1c09323d02b4369e8d65f

    • Raccoon

      Simple but powerful infostealer which was very active in 2019.

    • Deletes itself

    • Loads dropped DLL

    • Reads user/profile data of local email clients

      Email clients store some user data on disk where infostealers will often target it.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • JavaScript code in executable

MITRE ATT&CK Enterprise v6

Tasks