Overview

overview

10

Static

static

0B668D0AC8...C0.exe

windows7_x64

10

0B668D0AC8...C0.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0B668D0AC89D5DA1526BE831F7B8C3F2AF54C5DBC68C0.exe

  • Size

    1.2MB

  • Sample

    220128-zxsgtadefp

  • MD5

    4bb6c620715fe25e76d4cca1e68bef89

  • SHA1

    0cf2a7aad7ad7a804ca2b7ccaea1a6aadd75fb80

  • SHA256

    0b668d0ac89d5da1526be831f7b8c3f2af54c5dbc68c0c9ce886183ec518c051

  • SHA512

    59203e7c93eda1698f25ee000c7be02d39eee5a0c3f615ae6b540c7a76e6d47265d4354fa38be5206810e6b035b8be1794ebe324c0e9db33360a4f0dd3910549

Score
10/10
raccoonefc20640b4b1564934471e6297b87d8657db774astealersuricata

Malware Config

Extracted

Family

raccoon

Version

1.8.3-hotfix

Botnet

efc20640b4b1564934471e6297b87d8657db774a

Attributes
  • url4cnc

    http://91.219.236.162/jredmankun

    http://185.163.47.176/jredmankun

    http://193.38.54.238/jredmankun

    http://74.119.192.122/jredmankun

    http://91.219.236.240/jredmankun

    https://t.me/jredmankun

rc4.plain
rc4.plain

Targets

    • Target

      0B668D0AC89D5DA1526BE831F7B8C3F2AF54C5DBC68C0.exe

    • Size

      1.2MB

    • MD5

      4bb6c620715fe25e76d4cca1e68bef89

    • SHA1

      0cf2a7aad7ad7a804ca2b7ccaea1a6aadd75fb80

    • SHA256

      0b668d0ac89d5da1526be831f7b8c3f2af54c5dbc68c0c9ce886183ec518c051

    • SHA512

      59203e7c93eda1698f25ee000c7be02d39eee5a0c3f615ae6b540c7a76e6d47265d4354fa38be5206810e6b035b8be1794ebe324c0e9db33360a4f0dd3910549

    Score
    10/10
    raccoonefc20640b4b1564934471e6297b87d8657db774astealersuricata

    • Raccoon

      Simple but powerful infostealer which was very active in 2019.

      stealerraccoon

    • suricata: ET MALWARE Win32.Raccoon Stealer Checkin M6

      suricata: ET MALWARE Win32.Raccoon Stealer Checkin M6

      suricata

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks