Overview

overview

10

Static

static

mixshop_20...54.exe

windows7_x64

10

mixshop_20...54.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    mixshop_20220107-194654

  • Size

    692KB

  • Sample

    220107-xgsfrsdaal

  • MD5

    57a83608635ab5e3e5dc19874d6c3714

  • SHA1

    c8b348983978b9f502ca2e4446e733697d98df00

  • SHA256

    080447b503909947c30b1727534f731a9692ed8fb2d368395caf891e94c5030f

  • SHA512

    c614dc1e2c449451a814b6dd5b0c2479f7deff688ab5e8088e31c1840e9fc58670d2d9aba510ccb45f52675dc209ba9729217645b1b4819b1526a18b2c3e9d46

Score
10/10
raccoon10da56e7e71e97bdc1f36eb76813bbc3231de7e4stealer

Malware Config

Extracted

Family

raccoon

Botnet

10da56e7e71e97bdc1f36eb76813bbc3231de7e4

Attributes
  • url4cnc

    http://194.180.174.53/capibar

    http://91.219.236.18/capibar

    http://194.180.174.41/capibar

    http://91.219.236.148/capibar

    https://t.me/capibar

rc4.plain
rc4.plain

Targets

    • Target

      mixshop_20220107-194654

    • Size

      692KB

    • MD5

      57a83608635ab5e3e5dc19874d6c3714

    • SHA1

      c8b348983978b9f502ca2e4446e733697d98df00

    • SHA256

      080447b503909947c30b1727534f731a9692ed8fb2d368395caf891e94c5030f

    • SHA512

      c614dc1e2c449451a814b6dd5b0c2479f7deff688ab5e8088e31c1840e9fc58670d2d9aba510ccb45f52675dc209ba9729217645b1b4819b1526a18b2c3e9d46

    Score
    10/10
    raccoon10da56e7e71e97bdc1f36eb76813bbc3231de7e4stealer

    • Raccoon

      Simple but powerful infostealer which was very active in 2019.

      stealerraccoon

    • Suspicious use of NtCreateProcessExOtherParentProcess

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks