raccoon | 66a9cbff27e024246451609eaeee179f7e6e8dce3210f6b4e8c24c6a7e49a421 | Triage

Sharing

General

Target

sample.bin
Size

580KB
Sample

211215-s71gvahhf9
MD5

71c3480031525d1a60480d197c6bfe5f
SHA1

8de103d261799c6738c5dca374f5fa6e3959b6ee
SHA256

66a9cbff27e024246451609eaeee179f7e6e8dce3210f6b4e8c24c6a7e49a421
SHA512

bf679994ea1345c586fe9514a0e3b079e91518f08dfdcc365acf52690c8f737a4dbdbba624532ce5b1bace37b9cb670db3983e71c09002b4b41dce3a0b43226a

Score

10^/10

raccoon 871b18794e3cbbc6476a5b391363702168853a50 stealer

Malware Config

Extracted

Family

raccoon

Botnet

871b18794e3cbbc6476a5b391363702168853a50

Attributes

url4cnc
http://194.180.174.53/duglassa1
http://91.219.236.18/duglassa1
http://194.180.174.41/duglassa1
http://91.219.236.148/duglassa1
https://t.me/duglassa1

rc4.plain

rc4.plain

Targets

- Target
  
  sample.bin
- Size
  
  580KB
- MD5
  
  71c3480031525d1a60480d197c6bfe5f
- SHA1
  
  8de103d261799c6738c5dca374f5fa6e3959b6ee
- SHA256
  
  66a9cbff27e024246451609eaeee179f7e6e8dce3210f6b4e8c24c6a7e49a421
- SHA512
  
  bf679994ea1345c586fe9514a0e3b079e91518f08dfdcc365acf52690c8f737a4dbdbba624532ce5b1bace37b9cb670db3983e71c09002b4b41dce3a0b43226a
Score

10^/10

raccoon 871b18794e3cbbc6476a5b391363702168853a50 stealer
- Raccoon
  Simple but powerful infostealer which was very active in 2019.
  stealer raccoon
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

raccoon871b18794e3cbbc6476a5b391363702168853a50stealer

behavioral2

raccoon871b18794e3cbbc6476a5b391363702168853a50stealer