General
-
Target
1977d8aa12bd0de11f560c615bd9f50ebe760a5d367cc26c3e597b43e629a252
-
Size
3.5MB
-
Sample
210831-xjmbg2694x
-
MD5
305737595137efd3afce59beac699157
-
SHA1
95db993bc3c106e5d641527b611bfc33fba24445
-
SHA256
1977d8aa12bd0de11f560c615bd9f50ebe760a5d367cc26c3e597b43e629a252
-
SHA512
79aacbefbe7d5192d9c562e4403fa4f51ee988610688b48558f8bdff8d4191be65dc9c12ed30621ac0f8a303e2ace6d9521baa245de90e68b982a1990f360dab
Malware Config
Extracted
raccoon
10c753321b3ff323727f510579572aa4c5ea00cb
-
url4cnc
https://telete.in/bimboDinotrex
Targets
-
-
Target
1977d8aa12bd0de11f560c615bd9f50ebe760a5d367cc26c3e597b43e629a252
-
Size
3.5MB
-
MD5
305737595137efd3afce59beac699157
-
SHA1
95db993bc3c106e5d641527b611bfc33fba24445
-
SHA256
1977d8aa12bd0de11f560c615bd9f50ebe760a5d367cc26c3e597b43e629a252
-
SHA512
79aacbefbe7d5192d9c562e4403fa4f51ee988610688b48558f8bdff8d4191be65dc9c12ed30621ac0f8a303e2ace6d9521baa245de90e68b982a1990f360dab
Score10/10-
Raccoon
Simple but powerful infostealer which was very active in 2019.
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-