General
-
Target
6924ac2a28d9e99e00bd35a294dadfa1a164eddafb28a02c88ea09a6473d351f
-
Size
522KB
-
Sample
210907-vb9rragbgm
-
MD5
1eccff38e8a8cbb815a2ef2417fc7fd5
-
SHA1
732fa41ab22133eac4ec5a71e7a95536f720252f
-
SHA256
6924ac2a28d9e99e00bd35a294dadfa1a164eddafb28a02c88ea09a6473d351f
-
SHA512
004896fcd378f2726f58b7bd04d784bec080614cd7e2358050f5cb608ee558d522b1e510dbab31270848cdd45603e0d909f32d5cb12c679856248eb2bca6af61
Malware Config
Extracted
raccoon
93d3ccba4a3cbd5e268873fc1760b2335272e198
-
url4cnc
https://telete.in/opa4kiprivatem
Targets
-
-
Target
6924ac2a28d9e99e00bd35a294dadfa1a164eddafb28a02c88ea09a6473d351f
-
Size
522KB
-
MD5
1eccff38e8a8cbb815a2ef2417fc7fd5
-
SHA1
732fa41ab22133eac4ec5a71e7a95536f720252f
-
SHA256
6924ac2a28d9e99e00bd35a294dadfa1a164eddafb28a02c88ea09a6473d351f
-
SHA512
004896fcd378f2726f58b7bd04d784bec080614cd7e2358050f5cb608ee558d522b1e510dbab31270848cdd45603e0d909f32d5cb12c679856248eb2bca6af61
Score10/10-
Raccoon
Simple but powerful infostealer which was very active in 2019.
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-