raccoon | 663bceba78c75dd1c6c042877e08f2ec4b07a46eb93b11f2aed7e5da3b9e10f8 | Triage

Submit
Reports

Overview

overview

Static

static

2968b7c561...31.exe

windows7_x64

2968b7c561...31.exe

windows10_x64

Analysis

max time kernel
147s
max time network
178s
platform
windows7_x64
resource
win7v20210408
submitted
31-05-2021 17:16

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

2968b7c5619b5a74e806528ced73c131.exe

Resource

win7v20210408

raccoon a5cce470ad0d57aff9fa94b5ee2c0c1fc2d802af stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

2968b7c5619b5a74e806528ced73c131.exe

Resource

win10v20210410

raccoon a5cce470ad0d57aff9fa94b5ee2c0c1fc2d802af discovery spyware stealer

windows10_x64

0 signatures

0 seconds

Report Analysis Logs

General

Target

2968b7c5619b5a74e806528ced73c131.exe
Size

582KB
MD5

2968b7c5619b5a74e806528ced73c131
SHA1

a349e403ee4135bbd9b97012c263f009afcf06e4
SHA256

663bceba78c75dd1c6c042877e08f2ec4b07a46eb93b11f2aed7e5da3b9e10f8
SHA512

69befecbbdb935e810c4899b6be63bcbaa4d24f65cab48b8b2cbdaed007b598b81821b895ac189d4d1c44567f9a14cddd9b60b0bb4cf0aee8738f5ce83c65883

Score

10^/10

raccoon a5cce470ad0d57aff9fa94b5ee2c0c1fc2d802af stealer

Malware Config

Extracted

Family

raccoon

Botnet

a5cce470ad0d57aff9fa94b5ee2c0c1fc2d802af

Attributes

url4cnc
https://tttttt.me/baudemars

rc4.plain

rc4.plain

Signatures

Raccoon
Simple but powerful infostealer which was very active in 2019.
stealer raccoon

Processes

C:\Users\Admin\AppData\Local\Temp\2968b7c5619b5a74e806528ced73c131.exe
"C:\Users\Admin\AppData\Local\Temp\2968b7c5619b5a74e806528ced73c131.exe"
1⤵
PID:1100

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1100-59-0x0000000075C71000-0x0000000075C73000-memory.dmp

Filesize
8KB

Download
memory/1100-60-0x0000000001BE0000-0x0000000001C71000-memory.dmp

Filesize
580KB

Download
memory/1100-61-0x0000000000400000-0x0000000000499000-memory.dmp

Filesize
612KB

Download

© 2018-2024

Terms | Privacy