raccoon | e9606adc2bc1c0a47df192e4b454bbb6e96320f7c15c23613bb876cd5de75021 | Triage

Sharing

General

Target

e9606adc2bc1c0a47df192e4b454bbb6e96320f7c15c23613bb876cd5de75021
Size

590KB
Sample

211020-13ctzsaedm
MD5

680db5fa71fa1fddef96af6be864c610
SHA1

d7028360443d7a3ca94ffa5586ac20206f6ca2be
SHA256

e9606adc2bc1c0a47df192e4b454bbb6e96320f7c15c23613bb876cd5de75021
SHA512

8d77c707413749b02baff1b9ddfb09f539003dd19c1c082751748d3653800057f98ba1cf3e59fbf04b2c59b69730d2b293765e178103ec2f13d48f5395562dd1

Score

10^/10

raccoon 887a0ffaca448362277f2227182491216b734133 stealer

Malware Config

Extracted

Family

raccoon

Botnet

887a0ffaca448362277f2227182491216b734133

Attributes

url4cnc
http://telegka.top/jdiamond13
http://telegin.top/jdiamond13
https://t.me/jdiamond13

rc4.plain

rc4.plain

Targets

- Target
  
  e9606adc2bc1c0a47df192e4b454bbb6e96320f7c15c23613bb876cd5de75021
- Size
  
  590KB
- MD5
  
  680db5fa71fa1fddef96af6be864c610
- SHA1
  
  d7028360443d7a3ca94ffa5586ac20206f6ca2be
- SHA256
  
  e9606adc2bc1c0a47df192e4b454bbb6e96320f7c15c23613bb876cd5de75021
- SHA512
  
  8d77c707413749b02baff1b9ddfb09f539003dd19c1c082751748d3653800057f98ba1cf3e59fbf04b2c59b69730d2b293765e178103ec2f13d48f5395562dd1
Score

10^/10

raccoon 887a0ffaca448362277f2227182491216b734133 stealer
- Raccoon
  Simple but powerful infostealer which was very active in 2019.
  stealer raccoon
- Suspicious use of NtCreateProcessExOtherParentProcess
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

raccoon887a0ffaca448362277f2227182491216b734133stealer