raccoon | c7f7b5f94ea4d9afb32067a16f0c5de0beaa2d16cbb8dea032e9cf0b3059e1f4 | Triage

Sharing

General

Target

c7f7b5f94ea4d9afb32067a16f0c5de0beaa2d16cbb8dea032e9cf0b3059e1f4
Size

500KB
Sample

211115-a6d84seabr
MD5

3b047750117f8fa8e80c3168415973a4
SHA1

dd362ac6b2475c5966c296744de9b1e5b15bd620
SHA256

c7f7b5f94ea4d9afb32067a16f0c5de0beaa2d16cbb8dea032e9cf0b3059e1f4
SHA512

4ba476090940f7cd775d2b51b0a7633da2ff6ff8feca00c3d464c8d12ed923d631c8db69b8f1061403afbc101bea413712a41670f92629cdb7281ab521873c3c

Score

10^/10

raccoon 675718a5f2ce6d3cacf6cb04a512f5637eae995f stealer

Malware Config

Extracted

Family

raccoon

Version

1.8.3-hotfix

Botnet

675718a5f2ce6d3cacf6cb04a512f5637eae995f

Attributes

url4cnc
http://91.219.236.27/agrybirdsgamerept
http://5.181.156.92/agrybirdsgamerept
http://91.219.236.207/agrybirdsgamerept
http://185.225.19.18/agrybirdsgamerept
http://91.219.237.227/agrybirdsgamerept
http://185.163.47.176/agrybirdsgamerept

rc4.plain

rc4.plain

Targets

- Target
  
  c7f7b5f94ea4d9afb32067a16f0c5de0beaa2d16cbb8dea032e9cf0b3059e1f4
- Size
  
  500KB
- MD5
  
  3b047750117f8fa8e80c3168415973a4
- SHA1
  
  dd362ac6b2475c5966c296744de9b1e5b15bd620
- SHA256
  
  c7f7b5f94ea4d9afb32067a16f0c5de0beaa2d16cbb8dea032e9cf0b3059e1f4
- SHA512
  
  4ba476090940f7cd775d2b51b0a7633da2ff6ff8feca00c3d464c8d12ed923d631c8db69b8f1061403afbc101bea413712a41670f92629cdb7281ab521873c3c
Score

10^/10

raccoon 675718a5f2ce6d3cacf6cb04a512f5637eae995f stealer
- Raccoon
  Simple but powerful infostealer which was very active in 2019.
  stealer raccoon
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

raccoon675718a5f2ce6d3cacf6cb04a512f5637eae995fstealer