General
-
Target
86f7f6808d0fdcf3519443e8d177873326bd26fb665148670e3b11027f388547
-
Size
420KB
-
Sample
210926-19nvtsfdd5
-
MD5
ad7a12af4ceb641d033134f3590d7c5a
-
SHA1
f11c07aeca68b11decb9c24e76197806e6a31473
-
SHA256
86f7f6808d0fdcf3519443e8d177873326bd26fb665148670e3b11027f388547
-
SHA512
a1cabe50cb60ecc6e1940467d00278682c23c2c575cb1ed92cf7d397e9eb26dbba2f3973dbcdb354610227df4fd7f39a6b951f8b5fd87044efdeebd6b820900b
Malware Config
Extracted
raccoon
5ff0ccb2bc00dc52d1ad09949e9c7663bc9ca4d4
-
url4cnc
https://t.me/agrybirdsgamerept
Targets
-
-
Target
86f7f6808d0fdcf3519443e8d177873326bd26fb665148670e3b11027f388547
-
Size
420KB
-
MD5
ad7a12af4ceb641d033134f3590d7c5a
-
SHA1
f11c07aeca68b11decb9c24e76197806e6a31473
-
SHA256
86f7f6808d0fdcf3519443e8d177873326bd26fb665148670e3b11027f388547
-
SHA512
a1cabe50cb60ecc6e1940467d00278682c23c2c575cb1ed92cf7d397e9eb26dbba2f3973dbcdb354610227df4fd7f39a6b951f8b5fd87044efdeebd6b820900b
Score10/10-
Raccoon
Simple but powerful infostealer which was very active in 2019.
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-