General
-
Target
1232b316cc7d951d39636b5341fe3e0d316c17a5d8ebbc56c593d2a4027cb6a6
-
Size
456KB
-
Sample
210915-gs192shhf7
-
MD5
0aabed880863a590beda3170dd4bd577
-
SHA1
01e9eadd90a0a18cde20d52986c4b8cd7955afa7
-
SHA256
1232b316cc7d951d39636b5341fe3e0d316c17a5d8ebbc56c593d2a4027cb6a6
-
SHA512
e347b2ad7f76169f7c6caac8f91e3ea501ac4f3ee6995eb2d01d2294cfdd02717119ade401cfef969319bb29f02356d37a50cc187fa7658a7ecce3e8508bb0b2
Malware Config
Extracted
raccoon
6e76410dbdf2085ebcf2777560bd8cb0790329c9
-
url4cnc
https://telete.in/bibiOutriggr1
Targets
-
-
Target
1232b316cc7d951d39636b5341fe3e0d316c17a5d8ebbc56c593d2a4027cb6a6
-
Size
456KB
-
MD5
0aabed880863a590beda3170dd4bd577
-
SHA1
01e9eadd90a0a18cde20d52986c4b8cd7955afa7
-
SHA256
1232b316cc7d951d39636b5341fe3e0d316c17a5d8ebbc56c593d2a4027cb6a6
-
SHA512
e347b2ad7f76169f7c6caac8f91e3ea501ac4f3ee6995eb2d01d2294cfdd02717119ade401cfef969319bb29f02356d37a50cc187fa7658a7ecce3e8508bb0b2
Score10/10-
Raccoon
Simple but powerful infostealer which was very active in 2019.
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-