54d61c8728f2b5872675212017a5e0e7

Target

Size

582KB

Sample

211030-ayqxyababn

Score

10 ^/10

MD5

54d61c8728f2b5872675212017a5e0e7

SHA1

ea3fe4632335c7fe5c883a64007ba1f3180d8999

SHA256

678acb0210b49178697f000aa87619018626bb64ed483690bb266d942e0f5c1e

SHA512

af22e75a31b3309dee47e6833125194d52bc7b1249c9709324a5eb3da6d9b5cf6c03a33c2394d948a97e5aabf8964c489efb0ce4cf44664be5ee54501587db7a

Extracted

Family	raccoon
Botnet	7c9b4504a63ed23664e38808e65948379b790395
Attributes	url4cnc http://telegka.top/capibar http://telegin.top/capibar https://t.me/capibar
rc4.plain
rc4.plain

Target

54d61c8728f2b5872675212017a5e0e7

MD5

54d61c8728f2b5872675212017a5e0e7

Filesize

582KB

Score

10^/10

SHA1

ea3fe4632335c7fe5c883a64007ba1f3180d8999

SHA256

678acb0210b49178697f000aa87619018626bb64ed483690bb266d942e0f5c1e

SHA512

af22e75a31b3309dee47e6833125194d52bc7b1249c9709324a5eb3da6d9b5cf6c03a33c2394d948a97e5aabf8964c489efb0ce4cf44664be5ee54501587db7a

Signatures

Raccoon
Description

Simple but powerful infostealer which was very active in 2019.
Tags

stealer raccoon
Suspicious use of NtCreateProcessExOtherParentProcess

Related Tasks

behavioral1 behavioral2

Collection

Command and Control

Credential Access

Defense Evasion

Discovery

Execution

Exfiltration

Impact

Initial Access

Lateral Movement

Persistence

Privilege Escalation

static1

behavioral1

raccoon 7c9b4504a63ed23664e38808e65948379b790395 stealer

10^/10

behavioral2

raccoon 7c9b4504a63ed23664e38808e65948379b790395 stealer

10^/10

Extracted

Tags

Signatures

Raccoon

Description

Tags

Suspicious use of NtCreateProcessExOtherParentProcess

Related Tasks

static1

behavioral1

behavioral2