General
-
Target
e72a75526dd32875718e35798cc125fee64a6431375cf4492175c93bb6c8fbf0-20210417-130550
-
Size
576KB
-
Sample
210417-5ccwc1c5ga
-
MD5
26024fe33d13b3235bff3c706d86aa61
-
SHA1
f3063ce613eab3929201697e131d8d2c2a72230c
-
SHA256
e72a75526dd32875718e35798cc125fee64a6431375cf4492175c93bb6c8fbf0
-
SHA512
a7ab4fe1cb756ea0b87354c940cfdf4aa97c19a7873a28219061a1c2d6ff90da490ba21b4f230c18aad3b90fb344b55ecb8d2728df02e440297bd82be7b6634f
Malware Config
Extracted
raccoon
5ef44f9e41e70c655425e19f29b84e0e534530d6
-
url4cnc
https://telete.in/bpa1010100102
Targets
-
-
Target
e72a75526dd32875718e35798cc125fee64a6431375cf4492175c93bb6c8fbf0-20210417-130550
-
Size
576KB
-
MD5
26024fe33d13b3235bff3c706d86aa61
-
SHA1
f3063ce613eab3929201697e131d8d2c2a72230c
-
SHA256
e72a75526dd32875718e35798cc125fee64a6431375cf4492175c93bb6c8fbf0
-
SHA512
a7ab4fe1cb756ea0b87354c940cfdf4aa97c19a7873a28219061a1c2d6ff90da490ba21b4f230c18aad3b90fb344b55ecb8d2728df02e440297bd82be7b6634f
Score10/10-
Raccoon
Simple but powerful infostealer which was very active in 2019.
-
Deletes itself
-
Loads dropped DLL
-
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-