General
-
Target
d6c1b1510894052b864d10fe5a106eadcb0162bba333950dbfb0238c7bde4755
-
Size
433KB
-
Sample
210925-vekxssdfe7
-
MD5
00bd2f4ac6a584846138427f1eb87d06
-
SHA1
afa5e240a7eb721ccb8714b481bd41e76c119838
-
SHA256
d6c1b1510894052b864d10fe5a106eadcb0162bba333950dbfb0238c7bde4755
-
SHA512
9ac98f04bba12d91216e4157f431bceac66eea3f325a1b1a25b0cfd00d41a1f5495bbf0f9c83f79776921df77ce6ff8b2bb3fa049715dcde09f6b59cf5453f1c
Malware Config
Extracted
raccoon
c1728bc068ff13c9172ac566c717a997b9a7b1dc
-
url4cnc
https://t.me/tika31ramencomp
Targets
-
-
Target
d6c1b1510894052b864d10fe5a106eadcb0162bba333950dbfb0238c7bde4755
-
Size
433KB
-
MD5
00bd2f4ac6a584846138427f1eb87d06
-
SHA1
afa5e240a7eb721ccb8714b481bd41e76c119838
-
SHA256
d6c1b1510894052b864d10fe5a106eadcb0162bba333950dbfb0238c7bde4755
-
SHA512
9ac98f04bba12d91216e4157f431bceac66eea3f325a1b1a25b0cfd00d41a1f5495bbf0f9c83f79776921df77ce6ff8b2bb3fa049715dcde09f6b59cf5453f1c
Score10/10-
Raccoon
Simple but powerful infostealer which was very active in 2019.
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-