raccoon | 7af9e7e44d7f033837b7bae0f23f2bd5d7eb5e31b2067fcf31be2886141517be | Triage

Sharing

General

Target

4185c4256f10ce9fcff982a0dfb951a7.exe
Size

488KB
Sample

211026-pkf8xahdb7
MD5

4185c4256f10ce9fcff982a0dfb951a7
SHA1

9ed03f2d92d68e65c82e9646541504d81daaa2d0
SHA256

7af9e7e44d7f033837b7bae0f23f2bd5d7eb5e31b2067fcf31be2886141517be
SHA512

0e02e7bf74b5521b06e9db09b4e6391430830d4177cba35bdcaa9a41f3b6fa87004b446d5ee7f7665b8a23dd74f49e46ab1c941c14a71cafa17465e81f2511a4

Score

10^/10

raccoon 7ebf9b416b72a203df65383eec899dc689d2c3d7 stealer

Malware Config

Extracted

Family

raccoon

Botnet

7ebf9b416b72a203df65383eec899dc689d2c3d7

Attributes

url4cnc
http://telegatt.top/agrybirdsgamerept
http://telegka.top/agrybirdsgamerept
http://telegin.top/agrybirdsgamerept
https://t.me/agrybirdsgamerept

rc4.plain

rc4.plain

Targets

- Target
  
  4185c4256f10ce9fcff982a0dfb951a7.exe
- Size
  
  488KB
- MD5
  
  4185c4256f10ce9fcff982a0dfb951a7
- SHA1
  
  9ed03f2d92d68e65c82e9646541504d81daaa2d0
- SHA256
  
  7af9e7e44d7f033837b7bae0f23f2bd5d7eb5e31b2067fcf31be2886141517be
- SHA512
  
  0e02e7bf74b5521b06e9db09b4e6391430830d4177cba35bdcaa9a41f3b6fa87004b446d5ee7f7665b8a23dd74f49e46ab1c941c14a71cafa17465e81f2511a4
Score

10^/10

raccoon 7ebf9b416b72a203df65383eec899dc689d2c3d7 stealer
- Raccoon
  Simple but powerful infostealer which was very active in 2019.
  stealer raccoon
- Suspicious use of NtCreateProcessExOtherParentProcess
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

raccoon7ebf9b416b72a203df65383eec899dc689d2c3d7stealer

behavioral2

raccoon7ebf9b416b72a203df65383eec899dc689d2c3d7stealer