Overview

overview

10

Static

static

mixsix_202...08.exe

windows7_x64

10

mixsix_202...08.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    mixsix_20211029-001408

  • Size

    648KB

  • Sample

    211028-16ykvshaek

  • MD5

    fca8bb3b8d137449cba1fbf406e0d1eb

  • SHA1

    8b2a7d56695e4aea122e37b3a5a371a16cfa5c2d

  • SHA256

    249153197eafedc3426d55f6a12fbe041acb4527bc8c31f007ea1798d30df7b9

  • SHA512

    71c04d60d49ce9ed3314752171b6b9ca102cf80dc113b9af56a2be2b6fd790b83a890b95319ec701444a0b41fb644299d0e5b4a84f86c7cb37411eb95e20eb90

Score
10/10
raccoon7c9b4504a63ed23664e38808e65948379b790395stealer

Malware Config

Extracted

Family

raccoon

Botnet

7c9b4504a63ed23664e38808e65948379b790395

Attributes
  • url4cnc

    http://telegka.top/capibar

    http://telegin.top/capibar

    https://t.me/capibar

rc4.plain
rc4.plain

Targets

    • Target

      mixsix_20211029-001408

    • Size

      648KB

    • MD5

      fca8bb3b8d137449cba1fbf406e0d1eb

    • SHA1

      8b2a7d56695e4aea122e37b3a5a371a16cfa5c2d

    • SHA256

      249153197eafedc3426d55f6a12fbe041acb4527bc8c31f007ea1798d30df7b9

    • SHA512

      71c04d60d49ce9ed3314752171b6b9ca102cf80dc113b9af56a2be2b6fd790b83a890b95319ec701444a0b41fb644299d0e5b4a84f86c7cb37411eb95e20eb90

    Score
    10/10
    raccoon7c9b4504a63ed23664e38808e65948379b790395stealer

    • Raccoon

      Simple but powerful infostealer which was very active in 2019.

      stealerraccoon

    • Suspicious use of NtCreateProcessExOtherParentProcess

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks