raccoon | 0a262b80264ad7416caaeeaccb1a92cedddac5aa8bc13e9e7a33d4e7a6f5c831 | Triage

Sharing

General

Target

4532c09a54bb0245b68b8f36a7b5c2c7
Size

403KB
Sample

201117-4421g5gr42
MD5

2e9334142755675725558350bf695a5e
SHA1

ff78714d3fb3093678ccfc780a2c6496f63d29a6
SHA256

0a262b80264ad7416caaeeaccb1a92cedddac5aa8bc13e9e7a33d4e7a6f5c831
SHA512

985ad266ae43409efb6dcee7786791aa1947da22445ff2a7dc1076294becd94fa8c1502c0e065f2ab8f723ab98f51a4301b7176b4bce99c9ef12b5d3213eb5ca

Score

10^/10

raccoon stealer

Malware Config

Targets

- Target
  
  4532c09a54bb0245b68b8f36a7b5c2c7
- Size
  
  403KB
- MD5
  
  2e9334142755675725558350bf695a5e
- SHA1
  
  ff78714d3fb3093678ccfc780a2c6496f63d29a6
- SHA256
  
  0a262b80264ad7416caaeeaccb1a92cedddac5aa8bc13e9e7a33d4e7a6f5c831
- SHA512
  
  985ad266ae43409efb6dcee7786791aa1947da22445ff2a7dc1076294becd94fa8c1502c0e065f2ab8f723ab98f51a4301b7176b4bce99c9ef12b5d3213eb5ca
Score

10^/10

raccoon stealer
- Raccoon
  Simple but powerful infostealer which was very active in 2019.
  stealer raccoon
- Suspicious use of NtCreateProcessExOtherParentProcess
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2