raccoon | 41745a66c138a4528ea18b88f4e6bfc0b25a51f793de5a8d5a2a94cd46ef61df | Triage

Sharing

General

Target

41745a66c138a4528ea18b88f4e6bfc0b25a51f793de5a8d5a2a94cd46ef61df
Size

501KB
Sample

211114-tllbgadeem
MD5

0694773c1a2da4a5061f603a5c5c00d0
SHA1

b0b47b6785218b44989ce9fb20af03e502fdbec2
SHA256

41745a66c138a4528ea18b88f4e6bfc0b25a51f793de5a8d5a2a94cd46ef61df
SHA512

e604dc5729f0ef31e78360eaa58d06793e400424c891024dd5d0312437528935de84ee0f42c416276fcbfe4388a8d8c5b861f2249e1a0d183d486cf9717e08ee

Score

10^/10

raccoon 675718a5f2ce6d3cacf6cb04a512f5637eae995f stealer

Malware Config

Extracted

Family

raccoon

Version

1.8.3-hotfix

Botnet

675718a5f2ce6d3cacf6cb04a512f5637eae995f

Attributes

url4cnc
http://91.219.236.27/agrybirdsgamerept
http://5.181.156.92/agrybirdsgamerept
http://91.219.236.207/agrybirdsgamerept
http://185.225.19.18/agrybirdsgamerept
http://91.219.237.227/agrybirdsgamerept
http://185.163.47.176/agrybirdsgamerept

rc4.plain

rc4.plain

Targets

- Target
  
  41745a66c138a4528ea18b88f4e6bfc0b25a51f793de5a8d5a2a94cd46ef61df
- Size
  
  501KB
- MD5
  
  0694773c1a2da4a5061f603a5c5c00d0
- SHA1
  
  b0b47b6785218b44989ce9fb20af03e502fdbec2
- SHA256
  
  41745a66c138a4528ea18b88f4e6bfc0b25a51f793de5a8d5a2a94cd46ef61df
- SHA512
  
  e604dc5729f0ef31e78360eaa58d06793e400424c891024dd5d0312437528935de84ee0f42c416276fcbfe4388a8d8c5b861f2249e1a0d183d486cf9717e08ee
Score

10^/10

raccoon 675718a5f2ce6d3cacf6cb04a512f5637eae995f stealer
- Raccoon
  Simple but powerful infostealer which was very active in 2019.
  stealer raccoon
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

raccoon675718a5f2ce6d3cacf6cb04a512f5637eae995fstealer