raccoon | 5479303f9b86b6017deeea79340b1e6427445b542ebabbc5f0dedd7ebcf2c8fb | Triage

Sharing

General

Target

5479303f9b86b6017deeea79340b1e6427445b542ebabbc5f0dedd7ebcf2c8fb
Size

499KB
Sample

211115-hqb3taedar
MD5

658a165298c23b60d3695c8401fa27d9
SHA1

3d3a927eb5cdccb6991c8ce51a4385276a57845c
SHA256

5479303f9b86b6017deeea79340b1e6427445b542ebabbc5f0dedd7ebcf2c8fb
SHA512

75d53cf785fa34fe01d7c4ae91dc8f270b43e11c628f0a40bfcf6c1862e65bf441e29bd639433b43fe99ec168f620cdfd8ae8c2e4513fd99e186b9983f010cee

Score

10^/10

raccoon 675718a5f2ce6d3cacf6cb04a512f5637eae995f stealer

Malware Config

Extracted

Family

raccoon

Version

1.8.3-hotfix

Botnet

675718a5f2ce6d3cacf6cb04a512f5637eae995f

Attributes

url4cnc
http://91.219.236.27/agrybirdsgamerept
http://5.181.156.92/agrybirdsgamerept
http://91.219.236.207/agrybirdsgamerept
http://185.225.19.18/agrybirdsgamerept
http://91.219.237.227/agrybirdsgamerept
http://185.163.47.176/agrybirdsgamerept

rc4.plain

rc4.plain

Targets

- Target
  
  5479303f9b86b6017deeea79340b1e6427445b542ebabbc5f0dedd7ebcf2c8fb
- Size
  
  499KB
- MD5
  
  658a165298c23b60d3695c8401fa27d9
- SHA1
  
  3d3a927eb5cdccb6991c8ce51a4385276a57845c
- SHA256
  
  5479303f9b86b6017deeea79340b1e6427445b542ebabbc5f0dedd7ebcf2c8fb
- SHA512
  
  75d53cf785fa34fe01d7c4ae91dc8f270b43e11c628f0a40bfcf6c1862e65bf441e29bd639433b43fe99ec168f620cdfd8ae8c2e4513fd99e186b9983f010cee
Score

10^/10

raccoon 675718a5f2ce6d3cacf6cb04a512f5637eae995f stealer
- Raccoon
  Simple but powerful infostealer which was very active in 2019.
  stealer raccoon
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

raccoon675718a5f2ce6d3cacf6cb04a512f5637eae995fstealer