raccoon | 127bb75c78b17e56c5209da264f9a0fcfdc25ecb677fc4944d6f899ba17a59cc | Triage

Submit
Reports

Overview

overview

Static

static

0b184fd1c1...ec.exe

windows7_x64

0b184fd1c1...ec.exe

windows10_x64

Sharing

General

Target

0b184fd1c1c4004732543ec8fcfb2dec.exe
Size

514KB
Sample

210129-mmjke78r12
MD5

0b184fd1c1c4004732543ec8fcfb2dec
SHA1

747f75f05e84514023166961cceb56c664ed0589
SHA256

127bb75c78b17e56c5209da264f9a0fcfdc25ecb677fc4944d6f899ba17a59cc
SHA512

bfce0f2de64147050e3719a6a550179475ade074c3263e93c25e896de2b99e7a5fccfe9053294dc1a6dd3973eac8015c7675d993c746a8012999d54324842a49

Score

10^/10

raccoon discovery spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

0b184fd1c1c4004732543ec8fcfb2dec.exe

Resource

win7v20201028

raccoon discovery spyware stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

0b184fd1c1c4004732543ec8fcfb2dec.exe

Resource

win10v20201028

raccoon discovery spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  0b184fd1c1c4004732543ec8fcfb2dec.exe
- Size
  
  514KB
- MD5
  
  0b184fd1c1c4004732543ec8fcfb2dec
- SHA1
  
  747f75f05e84514023166961cceb56c664ed0589
- SHA256
  
  127bb75c78b17e56c5209da264f9a0fcfdc25ecb677fc4944d6f899ba17a59cc
- SHA512
  
  bfce0f2de64147050e3719a6a550179475ade074c3263e93c25e896de2b99e7a5fccfe9053294dc1a6dd3973eac8015c7675d993c746a8012999d54324842a49
Score

10^/10

raccoon discovery spyware stealer
- Raccoon
  Simple but powerful infostealer which was very active in 2019.
  stealer raccoon
- Deletes itself
- Loads dropped DLL
- Reads user/profile data of local email clients
  Email clients store some user data on disk where infostealers will often target it.
  spyware
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- JavaScript code in executable
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

raccoondiscoveryspywarestealer

behavioral2

raccoondiscoveryspywarestealer

© 2018-2024

Terms | Privacy