General

  • Target

    a1f55028dfca70ddb48f95e753352b01.exe

  • Size

    434KB

  • Sample

    210722-ytps6rwbra

  • MD5

    a1f55028dfca70ddb48f95e753352b01

  • SHA1

    7574fe499d96951c75a695d4aca93afc969f9cb8

  • SHA256

    a91d1235d7b44e451dada8c9a827e570b7b83eb8790c065af88c0c974de5dd51

  • SHA512

    dadd05243395e35a69712622c8864ba0cbfe5d06ebfbd53fe5253c3b06dfc32cafd8aa40dbc45b90c87c2d54470c8a5b248d2f144eeea602e494261faadb0952

Malware Config

  • Extracted

    Family
      raccoon

    Botnet
      e8fb6fbcbde044a603db529c2275bbfece556557

    Attributes
      url4cnc: https://telete.in/h_ghaibin2_1
      rc4.plain

Targets

    • Target

      a1f55028dfca70ddb48f95e753352b01.exe

    • Size

      434KB

    • MD5

      a1f55028dfca70ddb48f95e753352b01

    • SHA1

      7574fe499d96951c75a695d4aca93afc969f9cb8

    • SHA256

      a91d1235d7b44e451dada8c9a827e570b7b83eb8790c065af88c0c974de5dd51

    • SHA512

      dadd05243395e35a69712622c8864ba0cbfe5d06ebfbd53fe5253c3b06dfc32cafd8aa40dbc45b90c87c2d54470c8a5b248d2f144eeea602e494261faadb0952

    • Raccoon

      A simple but capable infostealer that was very active in 2019.

    • Raccoon Stealer Payload

MITRE ATT&CK Matrix

  • Collection
  • Command and Control
  • Credential Access
  • Discovery
  • Execution
  • Exfiltration
  • Impact
  • Initial Access
  • Lateral Movement
  • Persistence
  • Privilege Escalation

                        Tasks