raccoon | hxxp://5[.]61[.]33[.]200/henos[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

URLScan

urlscan

BrudnyHarry

windows10_x64

Sharing

General

Target

http://5.61.33.200/henos.exe
Sample

210225-1m7dl96gn2

Score

10^/10

raccoon 21caed469b59526d75348692eec1d8ae289ec69c stealer

Static task

static1

URLScan task

urlscan1

Sample

http://5.61.33.200/henos.exe

Behavioral task

behavioral1

Sample

http://5.61.33.200/henos.exe

Resource

win10v20201028

raccoon 21caed469b59526d75348692eec1d8ae289ec69c stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

raccoon

Botnet

21caed469b59526d75348692eec1d8ae289ec69c

Attributes

url4cnc
https://telete.in/j90maninblack

rc4.plain

rc4.plain

Targets

- Target
  
  http://5.61.33.200/henos.exe
Score

10^/10

raccoon 21caed469b59526d75348692eec1d8ae289ec69c stealer
- Raccoon
  Simple but powerful infostealer which was very active in 2019.
  stealer raccoon
- Suspicious use of NtCreateProcessExOtherParentProcess
- Executes dropped EXE
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

urlscan1

behavioral1

raccoon21caed469b59526d75348692eec1d8ae289ec69cstealer

© 2018-2024

Terms | Privacy