raccoon | b66ffdb7174f4c240e016033010d29a21ef2e083a62afe6275bf6bf9027b28c7 | Triage

Submit
Reports

Overview

overview

Static

static

??? ?? 9?.exe

windows7_x64

??? ?? 9?.exe

windows10_x64

Analysis

max time kernel
150s
max time network
196s
platform
windows7_x64
resource
win7v20210408
submitted
28-09-2021 06:44

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

??? ?? 9?.exe

Resource

win7v20210408

raccoon 1ea547c0a567138950af900718b7747d9f51d0cb stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

??? ?? 9?.exe

Resource

win10-en-20210920

raccoon 1ea547c0a567138950af900718b7747d9f51d0cb discovery spyware stealer

windows10_x64

0 signatures

0 seconds

Report Analysis Logs

General

Target

??? ?? 9?.exe
Size

541KB
MD5

5c06eccf9ec74274380b45219b0d813e
SHA1

46a78db9a6faa353855cd1d409fd2c83626a844c
SHA256

b66ffdb7174f4c240e016033010d29a21ef2e083a62afe6275bf6bf9027b28c7
SHA512

e9f7bf7b724502660c185eaa76e83df6f516c2137a30203cca66432f1cbe5ed7b69c32567a3564ff27137cc1f501920454dc5aab5db0e5d1994e3ccecfbdf897

Score

10^/10

raccoon 1ea547c0a567138950af900718b7747d9f51d0cb stealer

Malware Config

Extracted

Family

raccoon

Botnet

1ea547c0a567138950af900718b7747d9f51d0cb

Attributes

url4cnc
https://t.me/niclokirsin

rc4.plain

rc4.plain

Signatures

Raccoon
Simple but powerful infostealer which was very active in 2019.
stealer raccoon

Processes

C:\Users\Admin\AppData\Local\Temp\___ __ 9_.exe
"C:\Users\Admin\AppData\Local\Temp\___ __ 9_.exe"
1⤵
PID:1100

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1100-60-0x0000000075AF1000-0x0000000075AF3000-memory.dmp

Filesize
8KB

Download
memory/1100-61-0x0000000000250000-0x00000000002E0000-memory.dmp

Filesize
576KB

Download
memory/1100-62-0x0000000000400000-0x0000000002BD0000-memory.dmp

Filesize
39.8MB

Download

© 2018-2024

Terms | Privacy