General
-
Target
b2ebdd9e7f63f8a6cfaa75d1b67e4da2.exe
-
Size
517KB
-
Sample
210325-939f4xlpzs
-
MD5
b2ebdd9e7f63f8a6cfaa75d1b67e4da2
-
SHA1
37e3f2aeed2717184f44b94719476cbedac10c59
-
SHA256
10bdc701ee1d051b4fa1e0f6d719fc898c9354c39459cfc9939465e3864f3421
-
SHA512
668285a08cd22a266dfe841248b385658942da278104291de7a0045ac55780ad7f1c098bde52088bbfbd765d60746303a3bc804291e212f7e56ee5f6636164f8
Malware Config
Extracted
raccoon
2ce901d964b370c5ccda7e4d68354ba040db8218
-
url4cnc
https://telete.in/tomarsjsmith3
Targets
-
-
Target
b2ebdd9e7f63f8a6cfaa75d1b67e4da2.exe
-
Size
517KB
-
MD5
b2ebdd9e7f63f8a6cfaa75d1b67e4da2
-
SHA1
37e3f2aeed2717184f44b94719476cbedac10c59
-
SHA256
10bdc701ee1d051b4fa1e0f6d719fc898c9354c39459cfc9939465e3864f3421
-
SHA512
668285a08cd22a266dfe841248b385658942da278104291de7a0045ac55780ad7f1c098bde52088bbfbd765d60746303a3bc804291e212f7e56ee5f6636164f8
Score10/10-
Raccoon
Simple but powerful infostealer which was very active in 2019.
-
Deletes itself
-
Loads dropped DLL
-
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-