Overview

overview

10

Static

static

sample.bin.exe

windows7_x64

10

sample.bin.exe

windows10_x64

10

Analysis

  • max time kernel
    150s
  • max time network
    152s
  • platform
    windows10_x64
  • resource
    win10-en-20211208
  • submitted
    15-12-2021 15:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    sample.bin.exe

  • Size

    580KB

  • MD5

    71c3480031525d1a60480d197c6bfe5f

  • SHA1

    8de103d261799c6738c5dca374f5fa6e3959b6ee

  • SHA256

    66a9cbff27e024246451609eaeee179f7e6e8dce3210f6b4e8c24c6a7e49a421

  • SHA512

    bf679994ea1345c586fe9514a0e3b079e91518f08dfdcc365acf52690c8f737a4dbdbba624532ce5b1bace37b9cb670db3983e71c09002b4b41dce3a0b43226a

Score
10/10
raccoon871b18794e3cbbc6476a5b391363702168853a50stealer

Malware Config

Extracted

Family

raccoon

Botnet

871b18794e3cbbc6476a5b391363702168853a50

Attributes
  • url4cnc

    http://194.180.174.53/duglassa1

    http://91.219.236.18/duglassa1

    http://194.180.174.41/duglassa1

    http://91.219.236.148/duglassa1

    https://t.me/duglassa1

rc4.plain
rc4.plain

Signatures

  • Raccoon

    Simple but powerful infostealer which was very active in 2019.

    stealerraccoon

Processes

  • C:\Users\Admin\AppData\Local\Temp\sample.bin.exe
    "C:\Users\Admin\AppData\Local\Temp\sample.bin.exe"
    1⤵
      PID:3160

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/3160-115-0x0000000000657000-0x00000000006A8000-memory.dmp
      Filesize

      324KB

      Download
    • memory/3160-117-0x0000000000400000-0x0000000000512000-memory.dmp
      Filesize

      1.1MB

      Download
    • memory/3160-116-0x00000000022C0000-0x0000000002352000-memory.dmp
      Filesize

      584KB

      Download