General
-
Target
ef75e30bf9e76d9120ba682cee9dcae4.exe
-
Size
467KB
-
Sample
210323-b53spz1c6s
-
MD5
ef75e30bf9e76d9120ba682cee9dcae4
-
SHA1
cef3416817f3bfb0f4fe8d9e04c45e8ae019b837
-
SHA256
5a811d31e3dd7e79900b43c1030cb7851acfce9d630093106aa7d3910a64f136
-
SHA512
7682ed7f7d51ac5a3e3549be247e668d1501469c4e546b9ec8b1560abe2756cd21495e5e7732ff63397368eead69490721fbc470ec4dfef4111402da4b3c46a1
Malware Config
Extracted
raccoon
2ce901d964b370c5ccda7e4d68354ba040db8218
-
url4cnc
https://telete.in/tomarsjsmith3
Targets
-
-
Target
ef75e30bf9e76d9120ba682cee9dcae4.exe
-
Size
467KB
-
MD5
ef75e30bf9e76d9120ba682cee9dcae4
-
SHA1
cef3416817f3bfb0f4fe8d9e04c45e8ae019b837
-
SHA256
5a811d31e3dd7e79900b43c1030cb7851acfce9d630093106aa7d3910a64f136
-
SHA512
7682ed7f7d51ac5a3e3549be247e668d1501469c4e546b9ec8b1560abe2756cd21495e5e7732ff63397368eead69490721fbc470ec4dfef4111402da4b3c46a1
Score10/10-
Raccoon
Simple but powerful infostealer which was very active in 2019.
-
Deletes itself
-
Loads dropped DLL
-
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-