General
-
Target
84dee83ee172871a49fbf587ecf00248690f11a32f9dff57dde1a84c84f2ea36
-
Size
531KB
-
Sample
210907-13d22sdch4
-
MD5
19ca0115638f56881718f74798a33917
-
SHA1
6640941ae6046307af62b2f1cd0aae07711c00b5
-
SHA256
84dee83ee172871a49fbf587ecf00248690f11a32f9dff57dde1a84c84f2ea36
-
SHA512
8c8720c9695156b4b86383ef6d9c21ae6d33920df6c3b3238a530d0401db6ad6abe5e74e815bcf5c76e69431fd49581c22b755355c2773c12345ce8d275950f9
Malware Config
Extracted
raccoon
93d3ccba4a3cbd5e268873fc1760b2335272e198
-
url4cnc
https://telete.in/opa4kiprivatem
Targets
-
-
Target
84dee83ee172871a49fbf587ecf00248690f11a32f9dff57dde1a84c84f2ea36
-
Size
531KB
-
MD5
19ca0115638f56881718f74798a33917
-
SHA1
6640941ae6046307af62b2f1cd0aae07711c00b5
-
SHA256
84dee83ee172871a49fbf587ecf00248690f11a32f9dff57dde1a84c84f2ea36
-
SHA512
8c8720c9695156b4b86383ef6d9c21ae6d33920df6c3b3238a530d0401db6ad6abe5e74e815bcf5c76e69431fd49581c22b755355c2773c12345ce8d275950f9
Score10/10-
Raccoon
Simple but powerful infostealer which was very active in 2019.
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-