raccoon | 7637d1c0f03248e2cec84bbe9af2d0bb1413aa0840a8ef33b8bb13996e29f910 | Triage

Sharing

General

Target

28e83133e1c873ea5db24d1167b1b06b
Size

529KB
Sample

220212-1aq6xafaan
MD5

28e83133e1c873ea5db24d1167b1b06b
SHA1

5ecebdebb550d8bcd69ce196858fe4308995f17e
SHA256

7637d1c0f03248e2cec84bbe9af2d0bb1413aa0840a8ef33b8bb13996e29f910
SHA512

fe44cb28c6809465e8d5e0f653f44207d2eb4e2679c7c805df38ade8f32fe7eb3867014e1b1c8f0021aca9eb33ce383f81b32b7be338f5a428d337bf76a68928

Score

10^/10

raccoon 1c0fad6805a0f65d7b597130eb9f089ffbe9857d stealer suricata

Malware Config

Extracted

Family

raccoon

Botnet

1c0fad6805a0f65d7b597130eb9f089ffbe9857d

Attributes

url4cnc
http://194.180.191.241/capibar

http://103.155.93.35/capibar

https://t.me/capibar

rc4.plain

rc4.plain

Targets

- Target
  
  28e83133e1c873ea5db24d1167b1b06b
- Size
  
  529KB
- MD5
  
  28e83133e1c873ea5db24d1167b1b06b
- SHA1
  
  5ecebdebb550d8bcd69ce196858fe4308995f17e
- SHA256
  
  7637d1c0f03248e2cec84bbe9af2d0bb1413aa0840a8ef33b8bb13996e29f910
- SHA512
  
  fe44cb28c6809465e8d5e0f653f44207d2eb4e2679c7c805df38ade8f32fe7eb3867014e1b1c8f0021aca9eb33ce383f81b32b7be338f5a428d337bf76a68928
Score

10^/10

raccoon 1c0fad6805a0f65d7b597130eb9f089ffbe9857d stealer suricata
- Raccoon
  Simple but powerful infostealer which was very active in 2019.
  stealer raccoon
- suricata: ET MALWARE Win32.Raccoon Stealer Checkin M6
  suricata: ET MALWARE Win32.Raccoon Stealer Checkin M6
  suricata
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

raccoon1c0fad6805a0f65d7b597130eb9f089ffbe9857dstealer

behavioral2

raccoon1c0fad6805a0f65d7b597130eb9f089ffbe9857dstealersuricata