raccoon | bbce7aaecfe5981538518598a00491dd0cf73ff62074b68cdca9a51c009dbde2 | Triage

Submit
Reports

Overview

overview

Static

static

fefb3ad9f0...5a.exe

windows7_x64

fefb3ad9f0...5a.exe

windows10_x64

Analysis

max time kernel
134s
max time network
134s
platform
windows7_x64
resource
win7-en-20211104
submitted
20-11-2021 11:54

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

fefb3ad9f0f596eb173366e7a82b055a.exe

Resource

win7-en-20211104

raccoon 59885c564847bf29ddd9457b81c619998245ba90 stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

fefb3ad9f0f596eb173366e7a82b055a.exe

Resource

win10-en-20211014

raccoon 59885c564847bf29ddd9457b81c619998245ba90 stealer

windows10_x64

0 signatures

0 seconds

Report Analysis Logs

General

Target

fefb3ad9f0f596eb173366e7a82b055a.exe
Size

440KB
MD5

fefb3ad9f0f596eb173366e7a82b055a
SHA1

f57f6d0766607203e7f02d81b2efebdcb728b646
SHA256

bbce7aaecfe5981538518598a00491dd0cf73ff62074b68cdca9a51c009dbde2
SHA512

e76d832e12ce5bb38aae81a256900d7dd3ea357bbec0b4e322f3d8ad9d9412e88c81d26c5cfaa62cb09bb47598d0a7e9ae3dad4753d84eec55ecbc5ec82a768c

Score

10^/10

raccoon 59885c564847bf29ddd9457b81c619998245ba90 stealer

Malware Config

Extracted

Family

raccoon

Version

1.8.3-hotfix

Botnet

59885c564847bf29ddd9457b81c619998245ba90

Attributes

url4cnc
http://91.219.236.27/opussenseus1
http://5.181.156.92/opussenseus1
http://91.219.236.207/opussenseus1
http://185.225.19.18/opussenseus1
http://91.219.237.227/opussenseus1
https://t.me/opussenseus1

rc4.plain

rc4.plain

Signatures

Raccoon
Simple but powerful infostealer which was very active in 2019.
stealer raccoon

Processes

C:\Users\Admin\AppData\Local\Temp\fefb3ad9f0f596eb173366e7a82b055a.exe
"C:\Users\Admin\AppData\Local\Temp\fefb3ad9f0f596eb173366e7a82b055a.exe"
1⤵
PID:1892

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1892-55-0x0000000075981000-0x0000000075983000-memory.dmp

Filesize
8KB

Download
memory/1892-57-0x0000000000270000-0x00000000002FF000-memory.dmp

Filesize
572KB

Download
memory/1892-56-0x0000000000220000-0x000000000026F000-memory.dmp

Filesize
316KB

Download
memory/1892-58-0x0000000000400000-0x0000000000491000-memory.dmp

Filesize
580KB

Download

© 2018-2024

Terms | Privacy