General
-
Target
bcd2583086d55ae0e1444378c2892c1d.exe
-
Size
524KB
-
Sample
210322-vbk4x85rjn
-
MD5
bcd2583086d55ae0e1444378c2892c1d
-
SHA1
e56ae93e35c7fe70e1cadf126849bf97200868a6
-
SHA256
e80db3924627a7961f6bbb34a4d6849546d544620ea77f12b1b3dd8ed024ef4d
-
SHA512
dd60c0864748f1b6b51a27afb1a410f116559adb917f2e92ffd8f08ff3b5c50f239df5c8bf494c9f27c4f9a49a071a67da0a3b96f6c4f09dde3937b421a2d497
Malware Config
Extracted
raccoon
2ce901d964b370c5ccda7e4d68354ba040db8218
-
url4cnc
https://telete.in/tomarsjsmith3
Targets
-
-
Target
bcd2583086d55ae0e1444378c2892c1d.exe
-
Size
524KB
-
MD5
bcd2583086d55ae0e1444378c2892c1d
-
SHA1
e56ae93e35c7fe70e1cadf126849bf97200868a6
-
SHA256
e80db3924627a7961f6bbb34a4d6849546d544620ea77f12b1b3dd8ed024ef4d
-
SHA512
dd60c0864748f1b6b51a27afb1a410f116559adb917f2e92ffd8f08ff3b5c50f239df5c8bf494c9f27c4f9a49a071a67da0a3b96f6c4f09dde3937b421a2d497
Score10/10-
Raccoon
Simple but powerful infostealer which was very active in 2019.
-
Loads dropped DLL
-
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-