Resubmissions

  • 15-04-2021 08:06   210415-8m598bvl3n   (score 10)
  • 15-04-2021 07:49   210415-t8zc8q254j   (score 10)

General

  • Target

    Sirus.exe

  • Size

    2.2MB

  • Sample

    210415-8m598bvl3n

  • MD5

    196ff748cced551629a1683e3d9d9b37

  • SHA1

    a7382072a4729771dec5b10bcf2d4895da444176

  • SHA256

    ae841b1c3d0c1a0e490c21d6e373e75d0b66c63f88431b6e89f3d58e434abc91

  • SHA512

    43c7dd0bb352ee970dc670fb517a388af52d39352c8d4bfc5ed23a135b311c9a7d18c8b98a9e01c0a955a5d42920f4c7cb41b74167041fe7c2632c5730f80861

Malware Config

Extracted

Family

raccoon

Botnet

1a329a10c40d1d7de968ac01620072546be15062

Attributes
  • url4cnc

    https://tttttt.me/jrrand0mer

  • rc4.plain
  • rc4.plain
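The indicators above (the four digests under General and the url4cnc value, the URL the sample contacts to obtain its C2 address, as the attribute name indicates) are what an analyst actually consumes from this report. The script below is an added example, not part of the sandbox output: it hashes a blob once with every algorithm listed, reports which digests match, and scans proxy-log lines for the url4cnc host and channel path. The hash values and URL are copied from the report; the file bytes and log lines are constructed for the demonstration.

```python
"""IOC matcher for the indicators in this report (Sirus.exe / Raccoon).

Added example, not part of the sandbox output. The hashes and url4cnc value
are copied from the report; the file bytes and proxy-log lines below are
constructed for the demonstration.
"""
import hashlib
from urllib.parse import urlsplit

# Digests listed under General, keyed by hashlib algorithm name.
REPORT_HASHES = {
    "md5": "196ff748cced551629a1683e3d9d9b37",
    "sha1": "a7382072a4729771dec5b10bcf2d4895da444176",
    "sha256": "ae841b1c3d0c1a0e490c21d6e373e75d0b66c63f88431b6e89f3d58e434abc91",
    "sha512": "43c7dd0bb352ee970dc670fb517a388af52d39352c8d4bfc5ed23a135b311c9a"
              "7d18c8b98a9e01c0a955a5d42920f4c7cb41b74167041fe7c2632c5730f80861",
}
# url4cnc from the extracted config: the URL the sample fetches its C2 from.
URL4CNC = "https://tttttt.me/jrrand0mer"


def digest_all(data):
    """Hash data once per algorithm used in the report; returns {name: hexdigest}."""
    hashers = {name: hashlib.new(name) for name in REPORT_HASHES}
    for h in hashers.values():
        h.update(data)
    return {name: h.hexdigest() for name, h in hashers.items()}


def match_hashes(data, iocs=REPORT_HASHES):
    """Return the algorithms whose digest of data equals the report value."""
    computed = digest_all(data)
    return [name for name, want in iocs.items() if computed[name] == want.lower()]


def match_url(url, url4cnc=URL4CNC):
    """Compare a URL with url4cnc on host and path.

    Returns "exact" for the same channel, "host" for any other path on the same
    host (for example the /s/ preview path), and None otherwise. Scheme, port,
    query string, letter case and trailing slash are ignored so log noise
    cannot hide a hit.
    """
    want, got = urlsplit(url4cnc), urlsplit(url)
    if got.hostname != want.hostname:
        return None
    if got.path.rstrip("/") == want.path.rstrip("/"):
        return "exact"
    return "host"


def scan_proxy_log(lines):
    """Scan 'timestamp client method url' lines; returns [(line_no, verdict, url)]."""
    hits = []
    for n, line in enumerate(lines, 1):
        parts = line.split()
        if len(parts) < 4:
            continue  # malformed or truncated line
        verdict = match_url(parts[3])
        if verdict:
            hits.append((n, verdict, parts[3]))
    return hits


# Constructed proxy-log lines for the demo (not real telemetry).
SAMPLE_LOG = [
    "1618473960.123 10.0.0.5 GET https://www.example.com/index.html",
    "1618473961.456 10.0.0.5 GET https://tttttt.me/jrrand0mer",
    "1618473962.789 10.0.0.5 GET https://tttttt.me/s/jrrand0mer?before=10",
    "1618473963.000 10.0.0.7 GET https://t.me/jrrand0mer",
]


if __name__ == "__main__":
    for hit in scan_proxy_log(SAMPLE_LOG):
        print("line %d: %s match on %s" % hit)
    # To check a file on disk against the report:
    # with open("Sirus.exe", "rb") as f: print(match_hashes(f.read()))
```

Note that the config points at tttttt.me rather than t.me: a network rule written for the canonical Telegram host alone would not fire on this sample, which is why the scanner keys on the host taken from the extracted config and not on a hard-coded t.me.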

Targets

MITRE ATT&CK Matrix (ATT&CK v6)

Defense Evasion
  • Install Root Certificate (1)   T1130
  • Modify Registry (1)   T1112

Credential Access
  • Credentials in Files (3)   T1081

Discovery
  • Query Registry (3)   T1012
  • System Information Discovery (3)   T1082

Collection
  • Data from Local System (3)   T1005

The technique IDs follow ATT&CK v6. In current ATT&CK, T1130 has been folded into T1553.004 (Subvert Trust Controls: Install Root Certificate) and T1081 into T1552.001 (Unsecured Credentials: Credentials In Files), so map them before loading this matrix into a detection or threat-intel platform.

Tasks

  • static1: score N/A
  • behavioral1: score 10/10; tags raccoon, 1a329a10c40d1d7de968ac01620072546be15062, discovery, spyware, stealer
  • behavioral2: score 10/10; tags raccoon, redline, 1a329a10c40d1d7de968ac01620072546be15062, discovery, infostealer, spyware, stealer
  • behavioral3: score 10/10; tags raccoon, redline, 1a329a10c40d1d7de968ac01620072546be15062, discovery, infostealer, spyware, stealer
  • behavioral4: score 10/10; tags raccoon, redline, 1a329a10c40d1d7de968ac01620072546be15062, discovery, infostealer, spyware, stealer
  • behavioral5: score 10/10; tags raccoon, redline, 1a329a10c40d1d7de968ac01620072546be15062, discovery, infostealer, spyware, stealer
  • behavioral6: score 10/10; tags raccoon, redline, 1a329a10c40d1d7de968ac01620072546be15062, discovery, infostealer, spyware, stealer
  • behavioral7: score 10/10; tags raccoon, redline, 1a329a10c40d1d7de968ac01620072546be15062, discovery, infostealer, spyware, stealer
  • behavioral8: score 10/10; tags raccoon, redline, 1a329a10c40d1d7de968ac01620072546be15062, discovery, infostealer, spyware, stealer
  • behavioral9: score 10/10; tags raccoon, redline, 1a329a10c40d1d7de968ac01620072546be15062, discovery, infostealer, spyware, stealer
  • behavioral10: score 10/10; tags raccoon, redline, 1a329a10c40d1d7de968ac01620072546be15062, discovery, infostealer, spyware, stealer
  • behavioral11: score 10/10; tags raccoon, redline, 1a329a10c40d1d7de968ac01620072546be15062, discovery, infostealer, spyware, stealer
  • behavioral12: score 10/10; tags raccoon, redline, 1a329a10c40d1d7de968ac01620072546be15062, discovery, infostealer, spyware, stealer