General
-
Target
SecuriteInfo.com.W32.AIDetect.malware1.23167.23898
-
Size
406KB
-
Sample
210408-atvepb63ks
-
MD5
707a0e6fb234ff00db9bc742700fc67d
-
SHA1
7c9c7e85f7829b93bcd1268e77688aa0d0eaae4f
-
SHA256
a768e4da2a01fb5e505de3c2acefaff12d468eaa93f5af0e324c263b447d299e
-
SHA512
028170001a42f834a295d855d0debb91a975a904528d337a11744098190d5e7b40738f355e4c570fecede100754aa2312e91a0e7f62d132cd75184a0f13e9170
Malware Config
Extracted
raccoon
687fc54591ef8d5772fd4c6b129cadc26dbadf74
-
url4cnc
https://telete.in/jdiamond13
Targets
-
-
Target
SecuriteInfo.com.W32.AIDetect.malware1.23167.23898
-
Size
406KB
-
MD5
707a0e6fb234ff00db9bc742700fc67d
-
SHA1
7c9c7e85f7829b93bcd1268e77688aa0d0eaae4f
-
SHA256
a768e4da2a01fb5e505de3c2acefaff12d468eaa93f5af0e324c263b447d299e
-
SHA512
028170001a42f834a295d855d0debb91a975a904528d337a11744098190d5e7b40738f355e4c570fecede100754aa2312e91a0e7f62d132cd75184a0f13e9170
Score10/10-
Raccoon
Simple but powerful infostealer which was very active in 2019.
-
Deletes itself
-
Loads dropped DLL
-
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-