General
-
Target
SecuriteInfo.com.W32.AIDetect.malware1.19171.5774
-
Size
529KB
-
Sample
210415-cc3trxcfk6
-
MD5
4fded082b429c4860fbc7683df0d8028
-
SHA1
26d5103a528cff54b0227c1a6b48372e357c0d11
-
SHA256
b7462d93582f61ae4d54bca04359eed4da1804772df8bcebe6723594b3dab2af
-
SHA512
821a94bb475dc806c0fa08be5cdd4502ac52d79d07f84a3b42cd3530a2242414ba0ec8dbf6a19f6063b0588a6b3094c407a105a20067158c6524fb2a29ac1374
Malware Config
Extracted
raccoon
16992cd33145ccbb6feeacb4e84400a56448fa14
-
url4cnc
https://telete.in/baudemars
Targets
-
-
Target
SecuriteInfo.com.W32.AIDetect.malware1.19171.5774
-
Size
529KB
-
MD5
4fded082b429c4860fbc7683df0d8028
-
SHA1
26d5103a528cff54b0227c1a6b48372e357c0d11
-
SHA256
b7462d93582f61ae4d54bca04359eed4da1804772df8bcebe6723594b3dab2af
-
SHA512
821a94bb475dc806c0fa08be5cdd4502ac52d79d07f84a3b42cd3530a2242414ba0ec8dbf6a19f6063b0588a6b3094c407a105a20067158c6524fb2a29ac1374
Score10/10-
Raccoon
Simple but powerful infostealer which was very active in 2019.
-
Deletes itself
-
Loads dropped DLL
-
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-