General
-
Target
afe225d7a06185388ce71ec95dbb5731.exe
-
Size
526KB
-
Sample
210322-czk4wwel7s
-
MD5
afe225d7a06185388ce71ec95dbb5731
-
SHA1
d4bf1b16932ec634e4c0c006ebf476c0758df673
-
SHA256
42acd6c4185eec5476f6cf001a527ea5f02df93b58668518cc2f4fada0e93f25
-
SHA512
4cbc216ff9aee5f0c412278696b312bafb20e5634bcb1a73669ca7042edb09dad991cba74a7f9d5daacec47add89c7cbabbec58bbdcdb0c3a9504fdd15bde6f4
Malware Config
Extracted
raccoon
2ce901d964b370c5ccda7e4d68354ba040db8218
-
url4cnc
https://telete.in/tomarsjsmith3
Targets
-
-
Target
afe225d7a06185388ce71ec95dbb5731.exe
-
Size
526KB
-
MD5
afe225d7a06185388ce71ec95dbb5731
-
SHA1
d4bf1b16932ec634e4c0c006ebf476c0758df673
-
SHA256
42acd6c4185eec5476f6cf001a527ea5f02df93b58668518cc2f4fada0e93f25
-
SHA512
4cbc216ff9aee5f0c412278696b312bafb20e5634bcb1a73669ca7042edb09dad991cba74a7f9d5daacec47add89c7cbabbec58bbdcdb0c3a9504fdd15bde6f4
Score10/10-
Raccoon
Simple but powerful infostealer which was very active in 2019.
-
Loads dropped DLL
-
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-