raccoon | 1ee261129b9e2370a045116534b6d9669c8b2d9315ba2f1a9124888a60bc5acf | Triage

Sharing

General

Target

80ea5601dfddd352cad47e20c2e77f86
Size

588KB
Sample

220118-awvhcaehgj
MD5

80ea5601dfddd352cad47e20c2e77f86
SHA1

737686816b88d96fa63edfd916da29d882f8ea55
SHA256

1ee261129b9e2370a045116534b6d9669c8b2d9315ba2f1a9124888a60bc5acf
SHA512

212b46d79c6c7b71de2d0e51083ca20322cfbc41f5add34c1f8a2111cdbd6f12577a6bb8a81b3a33cfb26aefd638f0567bb66643e282621fe9058235b657f30f

Score

10^/10

raccoon 628dbe616eb46c5e66398ea6a12fa931e1f38eaf stealer

Malware Config

Extracted

Family

raccoon

Version

1.8.5

Botnet

628dbe616eb46c5e66398ea6a12fa931e1f38eaf

Attributes

url4cnc
http://185.163.204.22/capibar
http://178.62.113.205/capibar
https://t.me/capibar

rc4.plain

rc4.plain

Targets

- Target
  
  80ea5601dfddd352cad47e20c2e77f86
- Size
  
  588KB
- MD5
  
  80ea5601dfddd352cad47e20c2e77f86
- SHA1
  
  737686816b88d96fa63edfd916da29d882f8ea55
- SHA256
  
  1ee261129b9e2370a045116534b6d9669c8b2d9315ba2f1a9124888a60bc5acf
- SHA512
  
  212b46d79c6c7b71de2d0e51083ca20322cfbc41f5add34c1f8a2111cdbd6f12577a6bb8a81b3a33cfb26aefd638f0567bb66643e282621fe9058235b657f30f
Score

10^/10

raccoon 628dbe616eb46c5e66398ea6a12fa931e1f38eaf stealer
- Raccoon
  Simple but powerful infostealer which was very active in 2019.
  stealer raccoon
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

raccoon628dbe616eb46c5e66398ea6a12fa931e1f38eafstealer

behavioral2

raccoon628dbe616eb46c5e66398ea6a12fa931e1f38eafstealer