General
-
Target
940cbb7e02747f1ab72352d67b1f4b02d336e92944e195827ff6731fb89e14cb
-
Size
560KB
-
Sample
210922-gqmzmsbfb7
-
MD5
c292248a17c6c4ef0965c962aebc424c
-
SHA1
bce3098853a8a30f8c7062d2011a73c45d3b2642
-
SHA256
940cbb7e02747f1ab72352d67b1f4b02d336e92944e195827ff6731fb89e14cb
-
SHA512
5333acbfde413c06b447b20b8de64ca016e1189af77ac01c31ebd3de90d18428c3e4ba0e27e11bc3ec0b89a81ff3b2760f25bee720c83add2faf2bf90fb77b1a
Malware Config
Extracted
raccoon
3a0693aace391ad57b292defd202847793de4c76
-
url4cnc
https://telete.in/agrybirdsgamerept
Targets
-
-
Target
940cbb7e02747f1ab72352d67b1f4b02d336e92944e195827ff6731fb89e14cb
-
Size
560KB
-
MD5
c292248a17c6c4ef0965c962aebc424c
-
SHA1
bce3098853a8a30f8c7062d2011a73c45d3b2642
-
SHA256
940cbb7e02747f1ab72352d67b1f4b02d336e92944e195827ff6731fb89e14cb
-
SHA512
5333acbfde413c06b447b20b8de64ca016e1189af77ac01c31ebd3de90d18428c3e4ba0e27e11bc3ec0b89a81ff3b2760f25bee720c83add2faf2bf90fb77b1a
Score10/10-
Raccoon
Simple but powerful infostealer which was very active in 2019.
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-