raccoon | 0bd288ef56e4fa4b8b52abaeee61b114a890344ffe8264a217683f77e788df32 | Triage

Sharing

General

Target

0bd288ef56e4fa4b8b52abaeee61b114a890344ffe8264a217683f77e788df32
Size

427KB
Sample

210908-vh3a9aegf8
MD5

66eedd09f5019bc498bd26b2d4fa9795
SHA1

b4f5ee48578f381f46ad6a23221e410ad33ebfff
SHA256

0bd288ef56e4fa4b8b52abaeee61b114a890344ffe8264a217683f77e788df32
SHA512

c838e83e4d7dcdc9be9fb69522879373391548c960572c647848319a2d9d2a8b1f984b9cecae01c03cc72098d4579b39368201ea53e9afdf20a4d03fca28c432

Score

10^/10

raccoon 93d3ccba4a3cbd5e268873fc1760b2335272e198 stealer

Malware Config

Extracted

Family

raccoon

Botnet

93d3ccba4a3cbd5e268873fc1760b2335272e198

Attributes

url4cnc
https://telete.in/opa4kiprivatem

rc4.plain

rc4.plain

Targets

- Target
  
  0bd288ef56e4fa4b8b52abaeee61b114a890344ffe8264a217683f77e788df32
- Size
  
  427KB
- MD5
  
  66eedd09f5019bc498bd26b2d4fa9795
- SHA1
  
  b4f5ee48578f381f46ad6a23221e410ad33ebfff
- SHA256
  
  0bd288ef56e4fa4b8b52abaeee61b114a890344ffe8264a217683f77e788df32
- SHA512
  
  c838e83e4d7dcdc9be9fb69522879373391548c960572c647848319a2d9d2a8b1f984b9cecae01c03cc72098d4579b39368201ea53e9afdf20a4d03fca28c432
Score

10^/10

raccoon 93d3ccba4a3cbd5e268873fc1760b2335272e198 stealer
- Raccoon
  Simple but powerful infostealer which was very active in 2019.
  stealer raccoon
- Suspicious use of NtCreateProcessExOtherParentProcess
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

raccoon93d3ccba4a3cbd5e268873fc1760b2335272e198stealer