General
-
Target
7650605b35882b2edd8bff7cd43f6577cfb96fab8bc58f864f9c9acdba6d493d
-
Size
428KB
-
Sample
210908-dvrxlsggdr
-
MD5
3006c31557247d3c11f1685f407b0e75
-
SHA1
05e73833c262c88f96db5ea46ac0d499f4ed8f54
-
SHA256
7650605b35882b2edd8bff7cd43f6577cfb96fab8bc58f864f9c9acdba6d493d
-
SHA512
94c69cca8afaab03f402157f5f4892af2d74196f1945ba5fe36c7cb50dde3da32af789f48c86db019287c2f044062a30377cd8efd876bd8c2d0f554cc9d4317a
Malware Config
Extracted
raccoon
93d3ccba4a3cbd5e268873fc1760b2335272e198
-
url4cnc
https://telete.in/opa4kiprivatem
Targets
-
-
Target
7650605b35882b2edd8bff7cd43f6577cfb96fab8bc58f864f9c9acdba6d493d
-
Size
428KB
-
MD5
3006c31557247d3c11f1685f407b0e75
-
SHA1
05e73833c262c88f96db5ea46ac0d499f4ed8f54
-
SHA256
7650605b35882b2edd8bff7cd43f6577cfb96fab8bc58f864f9c9acdba6d493d
-
SHA512
94c69cca8afaab03f402157f5f4892af2d74196f1945ba5fe36c7cb50dde3da32af789f48c86db019287c2f044062a30377cd8efd876bd8c2d0f554cc9d4317a
Score10/10-
Raccoon
Simple but powerful infostealer which was very active in 2019.
-
Suspicious use of NtCreateProcessExOtherParentProcess
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-