Overview

overview

10

Static

static

usfive_202...34.exe

windows7_x64

10

usfive_202...34.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    usfive_20211122-125934

  • Size

    439KB

  • Sample

    211122-rft1baffel

  • MD5

    36faccdb8426e051c340d62502298600

  • SHA1

    78b4a59c51a1121664ce69e5efcf03a28ce3271a

  • SHA256

    4c70dc060f61c3bf6caf8d971276e0fe10c8d3de55c52d8fe8b224a02012709c

  • SHA512

    6f0e7ba118ca5e9b8b2c2ef2b9a3508cc83e38fc1bf3ed25cbfe312b3245212f46b39a6dde79948db85a01285eb332c6ff3f37c265bd96528b4361f5e4bdbd1c

Score
10/10
raccoon8b6023dd139bdc34aab99c286fae23d1442b4956stealer

Malware Config

Extracted

Family

raccoon

Version

1.8.3-hotfix

Botnet

8b6023dd139bdc34aab99c286fae23d1442b4956

Attributes
  • url4cnc

    http://91.219.236.27/h_electricryptors2

    http://5.181.156.92/h_electricryptors2

    http://91.219.236.207/h_electricryptors2

    http://185.225.19.18/h_electricryptors2

    http://91.219.237.227/h_electricryptors2

    https://t.me/h_electricryptors2

rc4.plain
rc4.plain

Targets

    • Target

      usfive_20211122-125934

    • Size

      439KB

    • MD5

      36faccdb8426e051c340d62502298600

    • SHA1

      78b4a59c51a1121664ce69e5efcf03a28ce3271a

    • SHA256

      4c70dc060f61c3bf6caf8d971276e0fe10c8d3de55c52d8fe8b224a02012709c

    • SHA512

      6f0e7ba118ca5e9b8b2c2ef2b9a3508cc83e38fc1bf3ed25cbfe312b3245212f46b39a6dde79948db85a01285eb332c6ff3f37c265bd96528b4361f5e4bdbd1c

    Score
    10/10
    raccoon8b6023dd139bdc34aab99c286fae23d1442b4956stealer

    • Raccoon

      Simple but powerful infostealer which was very active in 2019.

      stealerraccoon
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks