General
-
Target
aea0c5b5bf6a91d6b8edd88416b62b0aeda38cd4b8db653749efde0021915538-20210419-035206
-
Size
537KB
-
Sample
210419-lcfwfdjx62
-
MD5
d570d71e719378fd01ce888f0c96e14a
-
SHA1
8e8582fa3be66549198061ba33d151175c8143db
-
SHA256
aea0c5b5bf6a91d6b8edd88416b62b0aeda38cd4b8db653749efde0021915538
-
SHA512
20121ce588f23713080ede9a0108ee5dd4d9f4d60ba79813a149630d4f3ad4d76f3df3df83238f9506bab7aaf3e124bf8f5079bcc39d4ec2473fcdb7e682a899
Malware Config
Extracted
raccoon
0a72c1d911fee709b097aead5e660474924a4030
-
url4cnc
https://telete.in/jiocacossa
Targets
-
-
Target
aea0c5b5bf6a91d6b8edd88416b62b0aeda38cd4b8db653749efde0021915538-20210419-035206
-
Size
537KB
-
MD5
d570d71e719378fd01ce888f0c96e14a
-
SHA1
8e8582fa3be66549198061ba33d151175c8143db
-
SHA256
aea0c5b5bf6a91d6b8edd88416b62b0aeda38cd4b8db653749efde0021915538
-
SHA512
20121ce588f23713080ede9a0108ee5dd4d9f4d60ba79813a149630d4f3ad4d76f3df3df83238f9506bab7aaf3e124bf8f5079bcc39d4ec2473fcdb7e682a899
Score10/10-
Raccoon
Simple but powerful infostealer which was very active in 2019.
-
Deletes itself
-
Loads dropped DLL
-
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-