General
-
Target
f04c294ca29faa3693150f769abcfb9154bce33397ed798b23abd013660ebbb6
-
Size
531KB
-
Sample
210907-yka7bsdcb3
-
MD5
31dd2fc81fc2974ea151fbd95a75b396
-
SHA1
82ebebe82d2cbdb0bd7bf7a0d5ba065ae68f656a
-
SHA256
f04c294ca29faa3693150f769abcfb9154bce33397ed798b23abd013660ebbb6
-
SHA512
7b5f0ba8c508716880484e77e9be8b00a5ac0d4b05db41b534b1a6d3fae9fe4b042029de827e4f9f7e705502daad4e3fd656743b54bd98a5c68f09c6fac74b88
Malware Config
Extracted
raccoon
93d3ccba4a3cbd5e268873fc1760b2335272e198
-
url4cnc
https://telete.in/opa4kiprivatem
Targets
-
-
Target
f04c294ca29faa3693150f769abcfb9154bce33397ed798b23abd013660ebbb6
-
Size
531KB
-
MD5
31dd2fc81fc2974ea151fbd95a75b396
-
SHA1
82ebebe82d2cbdb0bd7bf7a0d5ba065ae68f656a
-
SHA256
f04c294ca29faa3693150f769abcfb9154bce33397ed798b23abd013660ebbb6
-
SHA512
7b5f0ba8c508716880484e77e9be8b00a5ac0d4b05db41b534b1a6d3fae9fe4b042029de827e4f9f7e705502daad4e3fd656743b54bd98a5c68f09c6fac74b88
Score10/10-
Raccoon
Simple but powerful infostealer which was very active in 2019.
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-