Description
Simple but powerful infostealer which was very active in 2019.
89b3ed9d4b3daa09b18db0ee62d8c7b652f3101299a6fc9ca0245bb6a6ded9b9
513KB
211002-n84tfaedgp
4d0f90fb39427a8bf7072403f5e0d746
06186e6498b8120dd1f733e57231215e6f9945fe
89b3ed9d4b3daa09b18db0ee62d8c7b652f3101299a6fc9ca0245bb6a6ded9b9
5c759659a6199b81d59f86b69d3985329fe39d0dcf6b6a15eac721129f5d1e5bff8b4cb56eb9aee07213fb097956dc796aceb369c534b2807a8398c89806747b
Family | raccoon |
Version | 1.8.2 |
Botnet | 1ec902112b48b86eaf116e67218e531d05852427 |
Attributes |
url4cnc | http://teletop.top/papatikmikr0 http://teleta.top/papatikmikr0 https://t.me/papatikmikr0 |
rc4.plain | |
rc4.plain | |
suricata: ET MALWARE Win32.Raccoon Stealer CnC Activity (dependency download)
suricata: ET MALWARE Win32.Raccoon Stealer Data Exfil Attempt
Email clients store some user data on disk where infostealers will often target it.
Infostealers often target stored browser data, which can include saved credentials etc.
Looks up Uninstall key entries in the registry to enumerate software on the system.