Overview

overview

10

Static

static

mixsix_202...15.exe

windows7_x64

10

mixsix_202...15.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    mixsix_20211021-222815

  • Size

    512KB

  • Sample

    211021-2dd67abgdl

  • MD5

    9785a8c72b65a8a07fbcaefdcec016ad

  • SHA1

    f0a4fc4cb015105d37a2bb9c8fe4e2609dd8fc0f

  • SHA256

    6892165223b0aac16900e79bc3818988604725cd25681c6c83d1979949e1a9a1

  • SHA512

    fd1885af8853e52b5b050711364eb947c43df15ba128fffe2e37b5c43d20f691c243828570d53a916fe88bda1f7012aad54b09888fe4af9b9ebd25033ceb8051

Score
10/10
raccoon1f80eb00f21640d6a48bbe0a818ba92698f728cestealer

Malware Config

Extracted

Family

raccoon

Botnet

1f80eb00f21640d6a48bbe0a818ba92698f728ce

Attributes
  • url4cnc

    http://telegka.top/rockyrocket11

    http://telegin.top/rockyrocket11

    https://t.me/rockyrocket11

rc4.plain
rc4.plain

Targets

    • Target

      mixsix_20211021-222815

    • Size

      512KB

    • MD5

      9785a8c72b65a8a07fbcaefdcec016ad

    • SHA1

      f0a4fc4cb015105d37a2bb9c8fe4e2609dd8fc0f

    • SHA256

      6892165223b0aac16900e79bc3818988604725cd25681c6c83d1979949e1a9a1

    • SHA512

      fd1885af8853e52b5b050711364eb947c43df15ba128fffe2e37b5c43d20f691c243828570d53a916fe88bda1f7012aad54b09888fe4af9b9ebd25033ceb8051

    Score
    10/10
    raccoon1f80eb00f21640d6a48bbe0a818ba92698f728cestealer

    • Raccoon

      Simple but powerful infostealer which was very active in 2019.

      stealerraccoon

    • Suspicious use of NtCreateProcessExOtherParentProcess

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks