Overview

overview

10

Static

static

bdf3b101d4...9c.exe

windows7_x64

10

bdf3b101d4...9c.exe

windows10-2004_x64

10

Analysis

  • max time kernel
    136s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-en-20211208
  • submitted
    17-01-2022 23:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    bdf3b101d4c3bb29b543b42d854f1e9c.exe

  • Size

    584KB

  • MD5

    bdf3b101d4c3bb29b543b42d854f1e9c

  • SHA1

    9a2c6ff211c29ba567b15b9fdcf2ed11354ce377

  • SHA256

    09269b6f64fcb4394dbfba6c10b0f504c2e2d5c57aa04c42cd2c0c05aee2f9b8

  • SHA512

    16e096bce2b50ca0dc132e458ff4fe2a52f116331962515fff859eb7d828774f20a62706704a069f984fccf3692c44a2588408906ef4115a42c726a555c8f9ac

Score
10/10
raccoon470193d69fd872b73819c5e70dc68242c10ccbcestealer

Malware Config

Extracted

Family

raccoon

Version

1.8.5

Botnet

470193d69fd872b73819c5e70dc68242c10ccbce

Attributes
  • url4cnc

    http://185.163.204.22/capibar

    http://178.62.113.205/capibar

    https://t.me/capibar

rc4.plain
rc4.plain

Signatures

  • Raccoon

    Simple but powerful infostealer which was very active in 2019.

    stealerraccoon

Processes

  • C:\Users\Admin\AppData\Local\Temp\bdf3b101d4c3bb29b543b42d854f1e9c.exe
    "C:\Users\Admin\AppData\Local\Temp\bdf3b101d4c3bb29b543b42d854f1e9c.exe"
    1⤵
      PID:1516

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1516-53-0x00000000007CB000-0x000000000081C000-memory.dmp
      Filesize

      324KB

      Download
    • memory/1516-54-0x0000000075471000-0x0000000075473000-memory.dmp
      Filesize

      8KB

      Download
    • memory/1516-55-0x0000000000220000-0x00000000002B2000-memory.dmp
      Filesize

      584KB

      Download
    • memory/1516-56-0x0000000000400000-0x0000000000619000-memory.dmp
      Filesize

      2.1MB

      Download