Overview

overview

10

Static

static

mixsix_202...31.exe

windows7_x64

10

mixsix_202...31.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    mixsix_20211026-230331

  • Size

    649KB

  • Sample

    211026-zxbt3aaahr

  • MD5

    0f2c6fea427d273ea705cb397229ea1c

  • SHA1

    f8a7502b1773dcc92b62cae9fc52fbf2c48cddd0

  • SHA256

    ce446701e5909550dcea95e229a76de9dab64b8f1642daa4f92c11a8bcd10771

  • SHA512

    605d6ee544ac3dc103e7effc687494e49bfd831fbef9b1df77c9f5ce58e9f699991c5f83a9ab490593adbf15f0f1d38bb675b9e56b62863f3b1a310eb960a14c

Score
10/10
raccoon7c9b4504a63ed23664e38808e65948379b790395stealer

Malware Config

Extracted

Family

raccoon

Botnet

7c9b4504a63ed23664e38808e65948379b790395

Attributes
  • url4cnc

    http://telegka.top/capibar

    http://telegin.top/capibar

    https://t.me/capibar

rc4.plain
rc4.plain

Targets

    • Target

      mixsix_20211026-230331

    • Size

      649KB

    • MD5

      0f2c6fea427d273ea705cb397229ea1c

    • SHA1

      f8a7502b1773dcc92b62cae9fc52fbf2c48cddd0

    • SHA256

      ce446701e5909550dcea95e229a76de9dab64b8f1642daa4f92c11a8bcd10771

    • SHA512

      605d6ee544ac3dc103e7effc687494e49bfd831fbef9b1df77c9f5ce58e9f699991c5f83a9ab490593adbf15f0f1d38bb675b9e56b62863f3b1a310eb960a14c

    Score
    10/10
    raccoon7c9b4504a63ed23664e38808e65948379b790395stealer

    • Raccoon

      Simple but powerful infostealer which was very active in 2019.

      stealerraccoon

    • Suspicious use of NtCreateProcessExOtherParentProcess

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks