raccoon | dcf88ad773f7a6b5a16e382d74b99a05bdba5eb282568436b32a6457720216ec | Triage

Sharing

General

Target

dcf88ad773f7a6b5a16e382d74b99a05bdba5eb282568.exe
Size

593KB
Sample

211208-lydhdsheaq
MD5

17d7d479f8344ca0f015eb789155334c
SHA1

ab3075bae5babff2f0c513479a9a7dee2c5244dd
SHA256

dcf88ad773f7a6b5a16e382d74b99a05bdba5eb282568436b32a6457720216ec
SHA512

cf0d9f539db508cb0c559bb251d1f6a1a8adea3c19812c1c6508e72d61f5c5c2dfe77c6c763cc71ac470d9cfa42adb660820f54e69028a211dca2743505082bf

Score

10^/10

raccoon fd4f23250443a724a3d1548e6ab07c481dfc2814 stealer

Malware Config

Extracted

Family

raccoon

Version

1.8.3-hotfix

Botnet

fd4f23250443a724a3d1548e6ab07c481dfc2814

Attributes

url4cnc
http://91.219.236.27/duglassa1
http://94.158.245.167/duglassa1
http://185.163.204.216/duglassa1
http://185.225.19.238/duglassa1
http://185.163.204.218/duglassa1
https://t.me/duglassa1

rc4.plain

rc4.plain

Targets

- Target
  
  dcf88ad773f7a6b5a16e382d74b99a05bdba5eb282568.exe
- Size
  
  593KB
- MD5
  
  17d7d479f8344ca0f015eb789155334c
- SHA1
  
  ab3075bae5babff2f0c513479a9a7dee2c5244dd
- SHA256
  
  dcf88ad773f7a6b5a16e382d74b99a05bdba5eb282568436b32a6457720216ec
- SHA512
  
  cf0d9f539db508cb0c559bb251d1f6a1a8adea3c19812c1c6508e72d61f5c5c2dfe77c6c763cc71ac470d9cfa42adb660820f54e69028a211dca2743505082bf
Score

10^/10

raccoon fd4f23250443a724a3d1548e6ab07c481dfc2814 stealer
- Raccoon
  Simple but powerful infostealer which was very active in 2019.
  stealer raccoon
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

raccoonfd4f23250443a724a3d1548e6ab07c481dfc2814stealer

behavioral2

raccoonfd4f23250443a724a3d1548e6ab07c481dfc2814stealer