General
-
Target
SecuriteInfo.com.W32.AIDetect.malware1.6516.8334
-
Size
428KB
-
Sample
210321-q74lm9e7xs
-
MD5
8fc83336c7143f3c5315be10dec00b1a
-
SHA1
01dbf95d6d8263d43e780b108560d5cdad9b382f
-
SHA256
3db141379cf8a6d34d0119ee463a4b918996238b14b33224d3eb1df6a4973421
-
SHA512
fe27426384555e8f56106dfb58d52ad32abc97c6b2d6913ed7962544e5b0bfe90ec84505ba05932b6e2717bcb34531cb1acc1e1173a6674940319fc235617f77
Malware Config
Extracted
raccoon
78411f0665662955fb66b9440064e971183457ee
-
url4cnc
https://tttttt.me/h_hitesh_1
Targets
-
-
Target
SecuriteInfo.com.W32.AIDetect.malware1.6516.8334
-
Size
428KB
-
MD5
8fc83336c7143f3c5315be10dec00b1a
-
SHA1
01dbf95d6d8263d43e780b108560d5cdad9b382f
-
SHA256
3db141379cf8a6d34d0119ee463a4b918996238b14b33224d3eb1df6a4973421
-
SHA512
fe27426384555e8f56106dfb58d52ad32abc97c6b2d6913ed7962544e5b0bfe90ec84505ba05932b6e2717bcb34531cb1acc1e1173a6674940319fc235617f77
Score10/10-
Raccoon
Simple but powerful infostealer which was very active in 2019.
-
Deletes itself
-
Loads dropped DLL
-
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-