General
-
Target
99338acae1077d543a7f93daeb1310ec.exe
-
Size
440KB
-
Sample
210325-9r1ltnkdg2
-
MD5
99338acae1077d543a7f93daeb1310ec
-
SHA1
4a67a2e7d19d79f87b231cac48b7bb9a62da59d8
-
SHA256
d16224a293f1a83316491fed1b2d0fab11594bdd237fb9daf042fb73de2f5407
-
SHA512
308668137e367fc74a73c031e3480e6e4497ac255e5078599e0306d6083da68421fb42d49b7e37c9c9c3980c3303d1edc660b249bac0e18e0e7cb80f28e263a2
Malware Config
Extracted
raccoon
2ce901d964b370c5ccda7e4d68354ba040db8218
-
url4cnc
https://telete.in/tomarsjsmith3
Targets
-
-
Target
99338acae1077d543a7f93daeb1310ec.exe
-
Size
440KB
-
MD5
99338acae1077d543a7f93daeb1310ec
-
SHA1
4a67a2e7d19d79f87b231cac48b7bb9a62da59d8
-
SHA256
d16224a293f1a83316491fed1b2d0fab11594bdd237fb9daf042fb73de2f5407
-
SHA512
308668137e367fc74a73c031e3480e6e4497ac255e5078599e0306d6083da68421fb42d49b7e37c9c9c3980c3303d1edc660b249bac0e18e0e7cb80f28e263a2
Score10/10-
Raccoon
Simple but powerful infostealer which was very active in 2019.
-
Deletes itself
-
Loads dropped DLL
-
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-