General
-
Target
b138355dd3cb256dc37e531869f6b174.exe
-
Size
449KB
-
Sample
210325-t6dvlmf1zn
-
MD5
b138355dd3cb256dc37e531869f6b174
-
SHA1
73307a9393f344a6b35b4430ef2fdf3cb39a7c0d
-
SHA256
c8847cb9a99370589fe52fcf91b96bef170990a13fa1eb734c1550c4862537d4
-
SHA512
06778dfde50086e93302bfb717eacf75db0435bca3971d884399be65baf88bf7df79e2158ab26f1de2c91fb97545c1e4968737a78f126b7785d0a70c953d785d
Malware Config
Extracted
raccoon
2ce901d964b370c5ccda7e4d68354ba040db8218
-
url4cnc
https://telete.in/tomarsjsmith3
Targets
-
-
Target
b138355dd3cb256dc37e531869f6b174.exe
-
Size
449KB
-
MD5
b138355dd3cb256dc37e531869f6b174
-
SHA1
73307a9393f344a6b35b4430ef2fdf3cb39a7c0d
-
SHA256
c8847cb9a99370589fe52fcf91b96bef170990a13fa1eb734c1550c4862537d4
-
SHA512
06778dfde50086e93302bfb717eacf75db0435bca3971d884399be65baf88bf7df79e2158ab26f1de2c91fb97545c1e4968737a78f126b7785d0a70c953d785d
Score10/10-
Raccoon
Simple but powerful infostealer which was very active in 2019.
-
Deletes itself
-
Loads dropped DLL
-
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-