raccoon | 3bf5e55fc9479c1d3f5f90952d9a29fe9ca4279374da2295d9643bf98578641f | Triage

Sharing

General

Target

3bf5e55fc9479c1d3f5f90952d9a29fe9ca4279374da2295d9643bf98578641f
Size

568KB
Sample

220215-rgmbvshacj
MD5

fcbc2c4444fe9dd9a6301f11f504a68b
SHA1

210c74589e3232a1c14659a08ba62d2da4dcd1f7
SHA256

3bf5e55fc9479c1d3f5f90952d9a29fe9ca4279374da2295d9643bf98578641f
SHA512

71cf64e167ae2b3766fec88e996824ce8cafe015b5e7c86f891ccdcf4f515f9922ad8dce845dcbc7ceafbecc837b9847557a467c29616958fdd039dbcb5ef928

Score

10^/10

raccoon 19425a9ea527ab0b3a94d8156a7d2f62d79d3b73 suricata

Malware Config

Extracted

Family

raccoon

Version

1.8.3-hotfix

Botnet

19425a9ea527ab0b3a94d8156a7d2f62d79d3b73

Attributes

url4cnc
http://91.219.236.162/bimboDinotrex
http://185.163.47.176/bimboDinotrex
http://193.38.54.238/bimboDinotrex
http://74.119.192.122/bimboDinotrex
http://91.219.236.240/bimboDinotrex
https://t.me/bimboDinotrex

rc4.plain

rc4.plain

Targets

- Target
  
  3bf5e55fc9479c1d3f5f90952d9a29fe9ca4279374da2295d9643bf98578641f
- Size
  
  568KB
- MD5
  
  fcbc2c4444fe9dd9a6301f11f504a68b
- SHA1
  
  210c74589e3232a1c14659a08ba62d2da4dcd1f7
- SHA256
  
  3bf5e55fc9479c1d3f5f90952d9a29fe9ca4279374da2295d9643bf98578641f
- SHA512
  
  71cf64e167ae2b3766fec88e996824ce8cafe015b5e7c86f891ccdcf4f515f9922ad8dce845dcbc7ceafbecc837b9847557a467c29616958fdd039dbcb5ef928
Score

10^/10

suricata
- suricata: ET MALWARE Win32.Raccoon Stealer - Telegram Mirror Checkin (generic)
  suricata: ET MALWARE Win32.Raccoon Stealer - Telegram Mirror Checkin (generic)
  suricata
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

19425a9ea527ab0b3a94d8156a7d2f62d79d3b73raccoon

behavioral1

behavioral2