Overview

overview

10

Static

static

8FCC19C0EA...9A.exe

windows7_x64

10

8FCC19C0EA...9A.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8FCC19C0EAD093CDEEDEA2C1ECEE99328C672779EAE9A.exe

  • Size

    418KB

  • Sample

    210509-7194955saa

  • MD5

    52990366b0f7820347eed51db1a64ea4

  • SHA1

    ab369c861067c351367a3e7fe5d06ebb33d20692

  • SHA256

    8fcc19c0ead093cdeedea2c1ecee99328c672779eae9a9a1507f8e422d56dd07

  • SHA512

    48e75694d5f86d0262ba8917a2db07f734fd208c9439c9253ae198faad04520b95483d576189aad3680f4e1d81dce4eace45a203d783521cdbf4ea8465651862

Score
10/10
raccoona3a85b69314053c3bb015532d1a960a3d08baeb8stealer

Malware Config

Extracted

Family

raccoon

Botnet

a3a85b69314053c3bb015532d1a960a3d08baeb8

Attributes
  • url4cnc

    https://telete.in/baudemars

rc4.plain
rc4.plain

Targets

    • Target

      8FCC19C0EAD093CDEEDEA2C1ECEE99328C672779EAE9A.exe

    • Size

      418KB

    • MD5

      52990366b0f7820347eed51db1a64ea4

    • SHA1

      ab369c861067c351367a3e7fe5d06ebb33d20692

    • SHA256

      8fcc19c0ead093cdeedea2c1ecee99328c672779eae9a9a1507f8e422d56dd07

    • SHA512

      48e75694d5f86d0262ba8917a2db07f734fd208c9439c9253ae198faad04520b95483d576189aad3680f4e1d81dce4eace45a203d783521cdbf4ea8465651862

    Score
    10/10
    raccoona3a85b69314053c3bb015532d1a960a3d08baeb8stealer

    • Raccoon

      Simple but powerful infostealer which was very active in 2019.

      stealerraccoon

    • Suspicious use of NtCreateProcessExOtherParentProcess

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

1
T1130

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks