raccoon | 99f6bad7e932642508b33725452dbac5aa528d8b60819710a388aab28b59f2fc | Triage

Submit
Reports

Overview

overview

Static

static

e1a287e16e...ea.exe

windows7_x64

e1a287e16e...ea.exe

windows10_x64

Analysis

max time kernel
134s
max time network
135s
platform
windows7_x64
resource
win7-en-20211014
submitted
20-11-2021 11:59

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

e1a287e16e419ba8580f21ac2af196ea.exe

Resource

win7-en-20211014

raccoon 59885c564847bf29ddd9457b81c619998245ba90 stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

e1a287e16e419ba8580f21ac2af196ea.exe

Resource

win10-en-20211104

raccoon 59885c564847bf29ddd9457b81c619998245ba90 stealer

windows10_x64

0 signatures

0 seconds

Report Analysis Logs

General

Target

e1a287e16e419ba8580f21ac2af196ea.exe
Size

450KB
MD5

e1a287e16e419ba8580f21ac2af196ea
SHA1

644ba0c27e92b2e9e7986b0a81147ef4c4a9dede
SHA256

99f6bad7e932642508b33725452dbac5aa528d8b60819710a388aab28b59f2fc
SHA512

acc21fd92cf0450e3d0bc0ab0bcca23eb5894aa17ac71e967b1ad5e0a72495ef5f9b85b432ab6693d7fe7900ee521172d58c7e93463cd87bdd3a568ee6fe5966

Score

10^/10

raccoon 59885c564847bf29ddd9457b81c619998245ba90 stealer

Malware Config

Extracted

Family

raccoon

Version

1.8.3-hotfix

Botnet

59885c564847bf29ddd9457b81c619998245ba90

Attributes

url4cnc
http://91.219.236.27/opussenseus1
http://5.181.156.92/opussenseus1
http://91.219.236.207/opussenseus1
http://185.225.19.18/opussenseus1
http://91.219.237.227/opussenseus1
https://t.me/opussenseus1

rc4.plain

rc4.plain

Signatures

Raccoon
Simple but powerful infostealer which was very active in 2019.
stealer raccoon

Processes

C:\Users\Admin\AppData\Local\Temp\e1a287e16e419ba8580f21ac2af196ea.exe
"C:\Users\Admin\AppData\Local\Temp\e1a287e16e419ba8580f21ac2af196ea.exe"
1⤵
PID:1716

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1716-55-0x00000000763C1000-0x00000000763C3000-memory.dmp

Filesize
8KB

Download
memory/1716-56-0x00000000001B0000-0x00000000001FF000-memory.dmp

Filesize
316KB

Download
memory/1716-57-0x0000000000510000-0x000000000059F000-memory.dmp

Filesize
572KB

Download
memory/1716-58-0x0000000000400000-0x0000000000491000-memory.dmp

Filesize
580KB

Download

© 2018-2024

Terms | Privacy