Overview

overview

10

Static

static

46c1325f35...84.exe

windows7_x64

10

46c1325f35...84.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    46c1325f35cd5958dea23230043a5e84.exe

  • Size

    526KB

  • Sample

    210415-4494kth7va

  • MD5

    46c1325f35cd5958dea23230043a5e84

  • SHA1

    796e8b3e485625d1e052696c651ad6dd93e911cd

  • SHA256

    5b5534877ef572fd9c6ae870ab966c102fee3a010c89cbb8baecc249fc03e508

  • SHA512

    76f32cd141d2bb8dd514f9939e8083ad7bf19889606898c1cf6260a5322768f502061185c8b236f6560ee2dbf5465f65f8075e655403d1abf66e1b2cdc15b52a

Score
10/10
raccoonf6a4646c17af7db77b0a5aba1906d97ffcdd34edstealer

Malware Config

Extracted

Family

raccoon

Botnet

f6a4646c17af7db77b0a5aba1906d97ffcdd34ed

Attributes
  • url4cnc

    https://telete.in/jdiamond13

rc4.plain
rc4.plain

Targets

    • Target

      46c1325f35cd5958dea23230043a5e84.exe

    • Size

      526KB

    • MD5

      46c1325f35cd5958dea23230043a5e84

    • SHA1

      796e8b3e485625d1e052696c651ad6dd93e911cd

    • SHA256

      5b5534877ef572fd9c6ae870ab966c102fee3a010c89cbb8baecc249fc03e508

    • SHA512

      76f32cd141d2bb8dd514f9939e8083ad7bf19889606898c1cf6260a5322768f502061185c8b236f6560ee2dbf5465f65f8075e655403d1abf66e1b2cdc15b52a

    Score
    10/10
    raccoonf6a4646c17af7db77b0a5aba1906d97ffcdd34edstealer

    • Raccoon

      Simple but powerful infostealer which was very active in 2019.

      stealerraccoon

    • Suspicious use of NtCreateProcessExOtherParentProcess

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

1
T1130

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks