raccoon | 8b1ef2325118454f51083997fc841dbf7ba7bbec671dbc42e4514473f4ae7543 | Triage

Sharing

General

Target

8b1ef2325118454f51083997fc841dbf7ba7bbec671dbc42e4514473f4ae7543
Size

500KB
Sample

211115-n8cpysaaf4
MD5

3d3c70fe4fd5b027ed30d1968225af96
SHA1

6ea652b39030801112dce73d2885b76fc8189a1a
SHA256

8b1ef2325118454f51083997fc841dbf7ba7bbec671dbc42e4514473f4ae7543
SHA512

ae8fdbca72bf138e45cffcd2049a761dd0e46e4f79874572403612c2e60b19d0e7c982597cdf0c9dec16818dea321048b826386b0aa2d1c072a919320ae43cf9

Score

10^/10

raccoon 675718a5f2ce6d3cacf6cb04a512f5637eae995f stealer

Malware Config

Extracted

Family

raccoon

Version

1.8.3-hotfix

Botnet

675718a5f2ce6d3cacf6cb04a512f5637eae995f

Attributes

url4cnc
http://91.219.236.27/agrybirdsgamerept
http://5.181.156.92/agrybirdsgamerept
http://91.219.236.207/agrybirdsgamerept
http://185.225.19.18/agrybirdsgamerept
http://91.219.237.227/agrybirdsgamerept
http://185.163.47.176/agrybirdsgamerept

rc4.plain

rc4.plain

Targets

- Target
  
  8b1ef2325118454f51083997fc841dbf7ba7bbec671dbc42e4514473f4ae7543
- Size
  
  500KB
- MD5
  
  3d3c70fe4fd5b027ed30d1968225af96
- SHA1
  
  6ea652b39030801112dce73d2885b76fc8189a1a
- SHA256
  
  8b1ef2325118454f51083997fc841dbf7ba7bbec671dbc42e4514473f4ae7543
- SHA512
  
  ae8fdbca72bf138e45cffcd2049a761dd0e46e4f79874572403612c2e60b19d0e7c982597cdf0c9dec16818dea321048b826386b0aa2d1c072a919320ae43cf9
Score

10^/10

raccoon 675718a5f2ce6d3cacf6cb04a512f5637eae995f stealer
- Raccoon
  Simple but powerful infostealer which was very active in 2019.
  stealer raccoon
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

raccoon675718a5f2ce6d3cacf6cb04a512f5637eae995fstealer