General
-
Target
b34c074a426d53c6b1e0f8b8547fb027.exe
-
Size
518KB
-
Sample
210324-8ng96k25jj
-
MD5
b34c074a426d53c6b1e0f8b8547fb027
-
SHA1
27eae0b5583ec3bd074e8a04d06a9d4a7c5bbc0a
-
SHA256
17d0d16c98137e68c2ad448821076ee3771edf8a8bf13e6b7b840ac27c452257
-
SHA512
97a4233ebbfac7621bf788918d20bcb5c49d1cd54a0c85e0fdb1620f1fb815511fdc5894463e11013fd6150d724e015e17a8c0f64aa1c1942b5864c50c8ec415
Malware Config
Extracted
raccoon
2ce901d964b370c5ccda7e4d68354ba040db8218
-
url4cnc
https://telete.in/tomarsjsmith3
Targets
-
-
Target
b34c074a426d53c6b1e0f8b8547fb027.exe
-
Size
518KB
-
MD5
b34c074a426d53c6b1e0f8b8547fb027
-
SHA1
27eae0b5583ec3bd074e8a04d06a9d4a7c5bbc0a
-
SHA256
17d0d16c98137e68c2ad448821076ee3771edf8a8bf13e6b7b840ac27c452257
-
SHA512
97a4233ebbfac7621bf788918d20bcb5c49d1cd54a0c85e0fdb1620f1fb815511fdc5894463e11013fd6150d724e015e17a8c0f64aa1c1942b5864c50c8ec415
Score10/10-
Raccoon
Simple but powerful infostealer which was very active in 2019.
-
Deletes itself
-
Loads dropped DLL
-
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-