Overview

overview

10

Static

static

FiIe__Pass...34.exe

windows7_x64

10

FiIe__Pass...34.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    FiIe__Password_1234.exe

  • Size

    4.5MB

  • Sample

    220307-xnhj5sffh3

  • MD5

    106c93855dfd7c139ba6e75b429e85f4

  • SHA1

    7fa79747197f6c11fea67df0ca4edd3d2350888c

  • SHA256

    feee37a235fbf4cf5d898b2c0d136b9024adfe43e3f8e631bb48421357170d95

  • SHA512

    419f91ba424650580a591c0a7b3da358b226fa9a7a2b852f33e943f8057f5820d065d1ccf258551d3ff3ca6f7d1867250bc121833c4b77433de8aa6ce3d475c5

Score
10/10
raccoon231a2bef03530ea1eb31f9ad27af7d488aca1ee8stealer

Malware Config

Extracted

Family

raccoon

Botnet

231a2bef03530ea1eb31f9ad27af7d488aca1ee8

Attributes
  • url4cnc

    http://85.159.212.113/sibiusio

    http://185.163.204.81/sibiusio

    http://194.180.191.33/sibiusio

    http://174.138.11.98/sibiusio

    http://194.180.191.44/sibiusio

    http://91.219.236.120/sibiusio

    https://t.me/sibiusio

rc4.plain
rc4.plain

Targets

    • Target

      FiIe__Password_1234.exe

    • Size

      4.5MB

    • MD5

      106c93855dfd7c139ba6e75b429e85f4

    • SHA1

      7fa79747197f6c11fea67df0ca4edd3d2350888c

    • SHA256

      feee37a235fbf4cf5d898b2c0d136b9024adfe43e3f8e631bb48421357170d95

    • SHA512

      419f91ba424650580a591c0a7b3da358b226fa9a7a2b852f33e943f8057f5820d065d1ccf258551d3ff3ca6f7d1867250bc121833c4b77433de8aa6ce3d475c5

    Score
    10/10
    raccoon231a2bef03530ea1eb31f9ad27af7d488aca1ee8stealer

    • Raccoon

      Simple but powerful infostealer which was very active in 2019.

      stealerraccoon

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks