raccoon | 2a0de5a42f5d64ddd01b4f18382ba7a36a3d420abe5f2153fd4b9444ae98e53e | Triage

Sharing

General

Target

cd.exe
Size

572KB
Sample

210318-j6wfl24vl6
MD5

46b39658da596e58315fe8914b030b24
SHA1

b91e4854936d7402dd93a59a932c44bf26252d52
SHA256

2a0de5a42f5d64ddd01b4f18382ba7a36a3d420abe5f2153fd4b9444ae98e53e
SHA512

cedb2c03cbc90882e15f59855871bc1909a7d3ebe9f10cc4d7516f0bdd1ad2fb8962f77bd1a5b98920246410918f0681fa34413d44f3561ab625fe203face32c

Score

10^/10

raccoon 75fbe127769a03ab235bd172a881a419ea43e573

Malware Config

Extracted

Family

raccoon

Botnet

75fbe127769a03ab235bd172a881a419ea43e573

Attributes

url4cnc
https://telete.in/h_hitesh_1

rc4.plain

rc4.plain

Targets

- Target
  
  cd.exe
- Size
  
  572KB
- MD5
  
  46b39658da596e58315fe8914b030b24
- SHA1
  
  b91e4854936d7402dd93a59a932c44bf26252d52
- SHA256
  
  2a0de5a42f5d64ddd01b4f18382ba7a36a3d420abe5f2153fd4b9444ae98e53e
- SHA512
  
  cedb2c03cbc90882e15f59855871bc1909a7d3ebe9f10cc4d7516f0bdd1ad2fb8962f77bd1a5b98920246410918f0681fa34413d44f3561ab625fe203face32c
Score

10^/10
- Suspicious use of NtCreateProcessExOtherParentProcess
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

75fbe127769a03ab235bd172a881a419ea43e573raccoon

behavioral1

behavioral2