Overview

overview

10

Static

static

e8aeaeb954...48.exe

windows7_x64

10

e8aeaeb954...48.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e8aeaeb95489329c4eb0e16fc52a6048.exe

  • Size

    605KB

  • Sample

    211214-sx2l6aghfk

  • MD5

    e8aeaeb95489329c4eb0e16fc52a6048

  • SHA1

    8a720a6dc48514afb1614c918fe0840367a6844c

  • SHA256

    932c8b3ba3578063a51926fe1f34435afb522b9466e32ac1770afdb6645e15e6

  • SHA512

    dda12463e8203a21d206da8a7818ea191eccab6d33e02e965604be94ff01bfc1dad09e03fceb88408579e0bbcfe96ace561a5a047ddbf0d3ac978810012aed4f

Score
10/10
raccoonf797145799b7b1b77b35d81de942eee0908da519stealer

Malware Config

Extracted

Family

raccoon

Version

1.8.3-hotfix

Botnet

f797145799b7b1b77b35d81de942eee0908da519

Attributes
  • url4cnc

    http://91.219.236.27/capibar

    http://94.158.245.167/capibar

    http://185.163.204.216/capibar

    http://185.225.19.238/capibar

    http://185.163.204.218/capibar

    https://t.me/capibar

rc4.plain
rc4.plain

Targets

    • Target

      e8aeaeb95489329c4eb0e16fc52a6048.exe

    • Size

      605KB

    • MD5

      e8aeaeb95489329c4eb0e16fc52a6048

    • SHA1

      8a720a6dc48514afb1614c918fe0840367a6844c

    • SHA256

      932c8b3ba3578063a51926fe1f34435afb522b9466e32ac1770afdb6645e15e6

    • SHA512

      dda12463e8203a21d206da8a7818ea191eccab6d33e02e965604be94ff01bfc1dad09e03fceb88408579e0bbcfe96ace561a5a047ddbf0d3ac978810012aed4f

    Score
    10/10
    raccoonf797145799b7b1b77b35d81de942eee0908da519stealer

    • Raccoon

      Simple but powerful infostealer which was very active in 2019.

      stealerraccoon

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks