raccoon | dc6745de06cfe2977ca39a425619d5df9bf942d4eeb70b381d5ff2fc238cb7c1 | Triage

Sharing

General

Target

dc6745de06cfe2977ca39a425619d5df9bf942d4eeb70b381d5ff2fc238cb7c1
Size

500KB
Sample

211115-hcm8xsecgr
MD5

389a9eefc4f474dd860b86f036b99321
SHA1

dedf3ba0a0a2349a7413c7c44509151c8e42ad44
SHA256

dc6745de06cfe2977ca39a425619d5df9bf942d4eeb70b381d5ff2fc238cb7c1
SHA512

f7e9c69e10925e95b145b6eb56925d22a3ec359f44880b6a0faaec0332e170af543033e695a689d636e01016b6836ec2da203c3ab0fc2d5d6bce662449e900dd

Score

10^/10

raccoon 675718a5f2ce6d3cacf6cb04a512f5637eae995f stealer

Malware Config

Extracted

Family

raccoon

Version

1.8.3-hotfix

Botnet

675718a5f2ce6d3cacf6cb04a512f5637eae995f

Attributes

url4cnc
http://91.219.236.27/agrybirdsgamerept
http://5.181.156.92/agrybirdsgamerept
http://91.219.236.207/agrybirdsgamerept
http://185.225.19.18/agrybirdsgamerept
http://91.219.237.227/agrybirdsgamerept
http://185.163.47.176/agrybirdsgamerept

rc4.plain

rc4.plain

Targets

- Target
  
  dc6745de06cfe2977ca39a425619d5df9bf942d4eeb70b381d5ff2fc238cb7c1
- Size
  
  500KB
- MD5
  
  389a9eefc4f474dd860b86f036b99321
- SHA1
  
  dedf3ba0a0a2349a7413c7c44509151c8e42ad44
- SHA256
  
  dc6745de06cfe2977ca39a425619d5df9bf942d4eeb70b381d5ff2fc238cb7c1
- SHA512
  
  f7e9c69e10925e95b145b6eb56925d22a3ec359f44880b6a0faaec0332e170af543033e695a689d636e01016b6836ec2da203c3ab0fc2d5d6bce662449e900dd
Score

10^/10

raccoon 675718a5f2ce6d3cacf6cb04a512f5637eae995f stealer
- Raccoon
  Simple but powerful infostealer which was very active in 2019.
  stealer raccoon
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

raccoon675718a5f2ce6d3cacf6cb04a512f5637eae995fstealer