Overview

overview

10

Static

static

a04d426b88...db.exe

windows7_x64

10

a04d426b88...db.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a04d426b8812c6fa62ed3857e38acddb.exe

  • Size

    555KB

  • Sample

    210227-87fj3n48hx

  • MD5

    a04d426b8812c6fa62ed3857e38acddb

  • SHA1

    dc860c84193c470568639e8743f703e6720ffb50

  • SHA256

    063d7b432fa85262f3515bbd8b51f81f3461a2e413b5782471ee5ab08fca59c0

  • SHA512

    cad282b10279d64f4f7f5a1be0c2d98f57088c8f67903ca44d629e77fa2f09216ca30de9481c2a8c589fde55dc89ecaefc3b8aa5f66f0c77bde9b4f6d6a32396

Score
10/10
raccoona3a85b69314053c3bb015532d1a960a3d08baeb8stealer

Malware Config

Extracted

Family

raccoon

Botnet

a3a85b69314053c3bb015532d1a960a3d08baeb8

Attributes
  • url4cnc

    https://telete.in/baudemars

rc4.plain
rc4.plain

Targets

    • Target

      a04d426b8812c6fa62ed3857e38acddb.exe

    • Size

      555KB

    • MD5

      a04d426b8812c6fa62ed3857e38acddb

    • SHA1

      dc860c84193c470568639e8743f703e6720ffb50

    • SHA256

      063d7b432fa85262f3515bbd8b51f81f3461a2e413b5782471ee5ab08fca59c0

    • SHA512

      cad282b10279d64f4f7f5a1be0c2d98f57088c8f67903ca44d629e77fa2f09216ca30de9481c2a8c589fde55dc89ecaefc3b8aa5f66f0c77bde9b4f6d6a32396

    Score
    10/10
    raccoona3a85b69314053c3bb015532d1a960a3d08baeb8stealer

    • Raccoon

      Simple but powerful infostealer which was very active in 2019.

      stealerraccoon

    • Suspicious use of NtCreateProcessExOtherParentProcess

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

1
T1130

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks