raccoon | 088408d4521923335a966f44b2cb47e1303db2fd804b9e2df4404919d535dc11 | Triage

Sharing

General

Target

088408d4521923335a966f44b2cb47e1303db2fd804b9e2df4404919d535dc11
Size

500KB
Sample

211114-pc33psdcfm
MD5

423d618d3941ceeb6ec059b8abc88249
SHA1

d5d1327accbb2de7b022cfa227461c949590c956
SHA256

088408d4521923335a966f44b2cb47e1303db2fd804b9e2df4404919d535dc11
SHA512

2b56681ddacd4b12e8946150ec7ac50b4d24347891a8f37759b8e39acb6c089a66e8e970f5e79ad7a01f9a65c26df8a7a32c2eca6eff8dce72bf3c1e442db04a

Score

10^/10

raccoon 675718a5f2ce6d3cacf6cb04a512f5637eae995f stealer

Malware Config

Extracted

Family

raccoon

Version

1.8.3-hotfix

Botnet

675718a5f2ce6d3cacf6cb04a512f5637eae995f

Attributes

url4cnc
http://91.219.236.27/agrybirdsgamerept
http://5.181.156.92/agrybirdsgamerept
http://91.219.236.207/agrybirdsgamerept
http://185.225.19.18/agrybirdsgamerept
http://91.219.237.227/agrybirdsgamerept
http://185.163.47.176/agrybirdsgamerept

rc4.plain

rc4.plain

Targets

- Target
  
  088408d4521923335a966f44b2cb47e1303db2fd804b9e2df4404919d535dc11
- Size
  
  500KB
- MD5
  
  423d618d3941ceeb6ec059b8abc88249
- SHA1
  
  d5d1327accbb2de7b022cfa227461c949590c956
- SHA256
  
  088408d4521923335a966f44b2cb47e1303db2fd804b9e2df4404919d535dc11
- SHA512
  
  2b56681ddacd4b12e8946150ec7ac50b4d24347891a8f37759b8e39acb6c089a66e8e970f5e79ad7a01f9a65c26df8a7a32c2eca6eff8dce72bf3c1e442db04a
Score

10^/10

raccoon 675718a5f2ce6d3cacf6cb04a512f5637eae995f stealer
- Raccoon
  Simple but powerful infostealer which was very active in 2019.
  stealer raccoon
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

raccoon675718a5f2ce6d3cacf6cb04a512f5637eae995fstealer