Overview

overview

10

Static

static

bf644c2bff...2b.exe

windows7_x64

10

bf644c2bff...2b.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    bf644c2bffc998fcdf82489cbb63752b.exe

  • Size

    499KB

  • Sample

    211115-jptrxaeebq

  • MD5

    bf644c2bffc998fcdf82489cbb63752b

  • SHA1

    999cce51b9e43959323f37a1f4650d47cbaf53d7

  • SHA256

    32788bd3c4dbc325754fef4cf6242f38210e7db4b39a69c5f742cf9675244013

  • SHA512

    a598efd1f4c5a25362b6d8bd22ca0f0be9ec79ba3fbd788fc1a65d5ee080192821eebfb92024c66e58a86d4ea8c8e8828bc0a042f52ae02d83a1f43854a05adf

Score
10/10
raccoon675718a5f2ce6d3cacf6cb04a512f5637eae995fstealer

Malware Config

Extracted

Family

raccoon

Version

1.8.3-hotfix

Botnet

675718a5f2ce6d3cacf6cb04a512f5637eae995f

Attributes
  • url4cnc

    http://91.219.236.27/agrybirdsgamerept

    http://5.181.156.92/agrybirdsgamerept

    http://91.219.236.207/agrybirdsgamerept

    http://185.225.19.18/agrybirdsgamerept

    http://91.219.237.227/agrybirdsgamerept

    http://185.163.47.176/agrybirdsgamerept

rc4.plain
rc4.plain

Targets

    • Target

      bf644c2bffc998fcdf82489cbb63752b.exe

    • Size

      499KB

    • MD5

      bf644c2bffc998fcdf82489cbb63752b

    • SHA1

      999cce51b9e43959323f37a1f4650d47cbaf53d7

    • SHA256

      32788bd3c4dbc325754fef4cf6242f38210e7db4b39a69c5f742cf9675244013

    • SHA512

      a598efd1f4c5a25362b6d8bd22ca0f0be9ec79ba3fbd788fc1a65d5ee080192821eebfb92024c66e58a86d4ea8c8e8828bc0a042f52ae02d83a1f43854a05adf

    Score
    10/10
    raccoon675718a5f2ce6d3cacf6cb04a512f5637eae995fstealer

    • Raccoon

      Simple but powerful infostealer which was very active in 2019.

      stealerraccoon
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks