General
-
Target
5f36220841b40c020f098300379e67e9.exe
-
Size
518KB
-
Sample
210324-gkdvzs5972
-
MD5
5f36220841b40c020f098300379e67e9
-
SHA1
cfde6a5337e0469e0520d23886062accb5de05fc
-
SHA256
8a2fae000c50871ca7a0600d477d6802d02d88df4bee5fa55918bbd7e71bdcd4
-
SHA512
ed4c10d570f9d1725c0b20c9790a777d4e3293c827e79e92e350f67a74c0e4240618171937cee83e9668097a5bbe72e711eebd5e3f6830dd51afff4bde9b6cbf
Malware Config
Extracted
raccoon
2ce901d964b370c5ccda7e4d68354ba040db8218
-
url4cnc
https://telete.in/tomarsjsmith3
Targets
-
-
Target
5f36220841b40c020f098300379e67e9.exe
-
Size
518KB
-
MD5
5f36220841b40c020f098300379e67e9
-
SHA1
cfde6a5337e0469e0520d23886062accb5de05fc
-
SHA256
8a2fae000c50871ca7a0600d477d6802d02d88df4bee5fa55918bbd7e71bdcd4
-
SHA512
ed4c10d570f9d1725c0b20c9790a777d4e3293c827e79e92e350f67a74c0e4240618171937cee83e9668097a5bbe72e711eebd5e3f6830dd51afff4bde9b6cbf
Score10/10-
Raccoon
Simple but powerful infostealer which was very active in 2019.
-
Deletes itself
-
Loads dropped DLL
-
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-