raccoon | ff5735fd5a8212a70382700fbc8644a2ac8b47f3e2b8f3ef09a01c06b9963e8a | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Analysis

max time kernel
129s
max time network
132s
platform
windows10_x64
resource
win10-en-20211014
submitted
04-12-2021 12:50

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

ff5735fd5a8212a70382700fbc8644a2ac8b47f3e2b8f3ef09a01c06b9963e8a.exe

Resource

win10-en-20211014

raccoon 049dc5184bb65eb56e4e860bf61427e2a0fcba1e stealer

windows10_x64

0 signatures

0 seconds

Report Analysis Logs

General

Target

ff5735fd5a8212a70382700fbc8644a2ac8b47f3e2b8f3ef09a01c06b9963e8a.exe
Size

544KB
MD5

9b9b348cfef6506a15146163daf7ce69
SHA1

cf5c6f049c7dce88b8ac075f5ffe293d5cf7f3ee
SHA256

ff5735fd5a8212a70382700fbc8644a2ac8b47f3e2b8f3ef09a01c06b9963e8a
SHA512

f779db4c20eb3c1822f5746c23ad3e81e270db36f9a8b229f7d4a6ba9a8b40de157836811c4b5c8e72e0304e135cf93698ead5b05f18468e008ccc222f70ed51

Score

10^/10

raccoon 049dc5184bb65eb56e4e860bf61427e2a0fcba1e stealer

Malware Config

Extracted

Family

raccoon

Version

1.8.3-hotfix

Botnet

049dc5184bb65eb56e4e860bf61427e2a0fcba1e

Attributes

url4cnc
http://185.225.19.18/duglassa1
http://91.219.237.227/duglassa1
https://t.me/duglassa1

rc4.plain

rc4.plain

Signatures

Raccoon
Simple but powerful infostealer which was very active in 2019.
stealer raccoon

Processes

C:\Users\Admin\AppData\Local\Temp\ff5735fd5a8212a70382700fbc8644a2ac8b47f3e2b8f3ef09a01c06b9963e8a.exe
"C:\Users\Admin\AppData\Local\Temp\ff5735fd5a8212a70382700fbc8644a2ac8b47f3e2b8f3ef09a01c06b9963e8a.exe"
1⤵
PID:2700

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2700-115-0x0000000000599000-0x00000000005E8000-memory.dmp

Filesize
316KB

Download
memory/2700-116-0x00000000021F0000-0x000000000227F000-memory.dmp

Filesize
572KB

Download
memory/2700-117-0x0000000000400000-0x0000000000491000-memory.dmp

Filesize
580KB

Download

© 2018-2024

Terms | Privacy