General
-
Target
28345a7bb63babaf99e760965ce493b7.exe
-
Size
494KB
-
Sample
210331-ts1szv6pp6
-
MD5
28345a7bb63babaf99e760965ce493b7
-
SHA1
7e752390f6ebca4e1e8889302549be4dd0845f62
-
SHA256
f9349585a2393d4378e283e73fc48d04941666ec0ccae4dd2fb68c2cad7ac9a1
-
SHA512
d0692febe87dafca3db8b8934003f3b3c7d9bddd3761c60c4945878787b410b581eea042cb133dd255ab4f41e473f43571d45612eaedcc3508a49b63c4594ce5
Malware Config
Extracted
raccoon
3d7990f080e9dcb56104447e3789dec4380efc8b
-
url4cnc
https://telete.in/jvadikkamushkin
Targets
-
-
Target
28345a7bb63babaf99e760965ce493b7.exe
-
Size
494KB
-
MD5
28345a7bb63babaf99e760965ce493b7
-
SHA1
7e752390f6ebca4e1e8889302549be4dd0845f62
-
SHA256
f9349585a2393d4378e283e73fc48d04941666ec0ccae4dd2fb68c2cad7ac9a1
-
SHA512
d0692febe87dafca3db8b8934003f3b3c7d9bddd3761c60c4945878787b410b581eea042cb133dd255ab4f41e473f43571d45612eaedcc3508a49b63c4594ce5
Score10/10-
Raccoon
Simple but powerful infostealer which was very active in 2019.
-
Deletes itself
-
Loads dropped DLL
-
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-