General
-
Target
c164c0f62647fd671207e8b78b68fbdf3b97831d0961eb090fc240c59dcbe8b3
-
Size
561KB
-
Sample
210922-fm17esbbb5
-
MD5
84a42e8cee0468c3b33ea9068e65ec2b
-
SHA1
0fb1622fc3995a4dd891ea09b0cfdfb139b8de69
-
SHA256
c164c0f62647fd671207e8b78b68fbdf3b97831d0961eb090fc240c59dcbe8b3
-
SHA512
893c0e27f09c6b8650713dd4ae68563d4b9086afe871a0cffee296c205fc9c577a1bc1fa99303caf5a59c4d436a81baa03592428b989eccd0696f2914a56b713
Malware Config
Extracted
raccoon
3a0693aace391ad57b292defd202847793de4c76
-
url4cnc
https://telete.in/agrybirdsgamerept
Targets
-
-
Target
c164c0f62647fd671207e8b78b68fbdf3b97831d0961eb090fc240c59dcbe8b3
-
Size
561KB
-
MD5
84a42e8cee0468c3b33ea9068e65ec2b
-
SHA1
0fb1622fc3995a4dd891ea09b0cfdfb139b8de69
-
SHA256
c164c0f62647fd671207e8b78b68fbdf3b97831d0961eb090fc240c59dcbe8b3
-
SHA512
893c0e27f09c6b8650713dd4ae68563d4b9086afe871a0cffee296c205fc9c577a1bc1fa99303caf5a59c4d436a81baa03592428b989eccd0696f2914a56b713
Score10/10-
Raccoon
Simple but powerful infostealer which was very active in 2019.
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-