raccoon | 2a0de5a42f5d64ddd01b4f18382ba7a36a3d420abe5f2153fd4b9444ae98e53e | Triage

Sharing

General

Target

cd.exe
Size

572KB
Sample

210318-j6wfl24vl6
MD5

46b39658da596e58315fe8914b030b24
SHA1

b91e4854936d7402dd93a59a932c44bf26252d52
SHA256

2a0de5a42f5d64ddd01b4f18382ba7a36a3d420abe5f2153fd4b9444ae98e53e
SHA512

cedb2c03cbc90882e15f59855871bc1909a7d3ebe9f10cc4d7516f0bdd1ad2fb8962f77bd1a5b98920246410918f0681fa34413d44f3561ab625fe203face32c

Score

10^/10

raccoon 75fbe127769a03ab235bd172a881a419ea43e573

Malware Config

Extracted

Family

raccoon

Botnet

75fbe127769a03ab235bd172a881a419ea43e573

Attributes

url4cnc
https://telete.in/h_hitesh_1

rc4.plain

rc4.plain

Targets

- Target
  
  cd.exe
- Size
  
  572KB
- MD5
  
  46b39658da596e58315fe8914b030b24
- SHA1
  
  b91e4854936d7402dd93a59a932c44bf26252d52
- SHA256
  
  2a0de5a42f5d64ddd01b4f18382ba7a36a3d420abe5f2153fd4b9444ae98e53e
- SHA512
  
  cedb2c03cbc90882e15f59855871bc1909a7d3ebe9f10cc4d7516f0bdd1ad2fb8962f77bd1a5b98920246410918f0681fa34413d44f3561ab625fe203face32c
Score

10^/10
- Suspicious use of NtCreateProcessExOtherParentProcess
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

75fbe127769a03ab235bd172a881a419ea43e573raccoon

behavioral1

behavioral2