General

  • Target

    58d7e357594a96aa4262ce2fa75e0328

  • Size

    666KB

  • Sample

    220308-mtz19sgfdj

  • MD5

    58d7e357594a96aa4262ce2fa75e0328

  • SHA1

    e530fd68429b06ba4950fee5e4ea48ba0c33e013

  • SHA256

    dacb3244a7ab72f942a4f9f18b8f559ef88082e62e88cd147907f452a29f2a2c

  • SHA512

    02ee9e1d62b9b56f3c2cc3a7a9d34acdce8e43a619c10314faf25b2a9fe1f06b7bd32764b3ce0b697685cf9bc9ad4faba0c899d4fe046a9cfe41dcac35b63eea

Malware Config

Extracted

Family

raccoon

Botnet

1c0fad6805a0f65d7b597130eb9f089ffbe9857d

Attributes
  • url4cnc

    http://194.180.191.241/capibar

    http://103.155.93.35/capibar

    https://t.me/capibar

  • rc4.plain
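The url4cnc entries above are the sample's C2 lookup points: two direct gate hosts and a Telegram channel mirror that the stealer checks in against to learn its current gate (the suricata rule listed further down fires on that Telegram check-in). A practitioner would want to sweep proxy or DNS logs and file hashes for these indicators. The following is an added example, not part of the sandbox report; the log line format is assumed, and the log lines themselves are constructed. The t.me host is treated as a shared service, so only the exact channel URL counts as a hit there, whereas the two direct IPs are flagged on any path.

```python
"""Sweep constructed proxy log lines and file hashes against the IOCs
extracted from this Raccoon sample (url4cnc mirrors and SHA256)."""
import hashlib
import re
from urllib.parse import urlparse

# IOCs copied from the report's config extraction.
URL4CNC = [
    "http://194.180.191.241/capibar",
    "http://103.155.93.35/capibar",
    "https://t.me/capibar",
]
SAMPLE_SHA256 = "dacb3244a7ab72f942a4f9f18b8f559ef88082e62e88cd147907f452a29f2a2c"

# Hosts that are legitimate shared services: only an exact URL match is a hit,
# otherwise every Telegram visit in the estate would be flagged.
SHARED_HOSTS = {"t.me"}

# Constructed example proxy log (not from the page). Assumed format:
# "<timestamp> <client-ip> <method> <url> <status>"
SAMPLE_LOG = """\
2022-03-08T12:00:01Z 10.0.0.5 GET https://t.me/capibar 200
2022-03-08T12:00:02Z 10.0.0.5 POST http://194.180.191.241/capibar 200
2022-03-08T12:00:03Z 10.0.0.7 GET https://example.com/index.html 200
2022-03-08T12:00:04Z 10.0.0.9 GET http://103.155.93.35/other 404
2022-03-08T12:00:05Z 10.0.0.7 GET https://t.me/someotherchannel 200
"""

LOG_RE = re.compile(
    r"^(?P<ts>\S+) (?P<client>\S+) (?P<method>\S+) (?P<url>\S+) (?P<status>\d+)$"
)


def ioc_hosts(urls=URL4CNC):
    """Hostnames/IPs of the C2 mirrors, used for host-level matching."""
    return {urlparse(u).hostname for u in urls}


def match_log(text, urls=URL4CNC):
    """Return (client, url, reason) for each log line that reaches a C2 mirror.

    Direct gate IPs are matched on host alone, because the operator can
    rotate the path; shared hosts (t.me) require the exact channel URL.
    """
    exact = set(urls)
    hosts = ioc_hosts(urls)
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that do not follow the assumed format
        url = m["url"]
        host = urlparse(url).hostname
        if url in exact:
            hits.append((m["client"], url, "exact url4cnc match"))
        elif host in hosts and host not in SHARED_HOSTS:
            hits.append((m["client"], url, "c2 host, different path"))
    return hits


def is_known_sample(data: bytes) -> bool:
    """True when the bytes hash to the SHA256 recorded for this sample."""
    return hashlib.sha256(data).hexdigest() == SAMPLE_SHA256


if __name__ == "__main__":
    for client, url, reason in match_log(SAMPLE_LOG):
        print(f"{client} -> {url} ({reason})")
```

Host-level matching on the two direct IPs is deliberate: a stealer build that keeps the same gate but changes the path would otherwise slip past an exact-URL rule, while the Telegram channel URL is specific enough to match exactly without drowning in unrelated t.me traffic.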

Targets

    • Target

      58d7e357594a96aa4262ce2fa75e0328

    • Size

      666KB

    • MD5

      58d7e357594a96aa4262ce2fa75e0328

    • SHA1

      e530fd68429b06ba4950fee5e4ea48ba0c33e013

    • SHA256

      dacb3244a7ab72f942a4f9f18b8f559ef88082e62e88cd147907f452a29f2a2c

    • SHA512

      02ee9e1d62b9b56f3c2cc3a7a9d34acdce8e43a619c10314faf25b2a9fe1f06b7bd32764b3ce0b697685cf9bc9ad4faba0c899d4fe046a9cfe41dcac35b63eea

    • Raccoon

      Information stealer sold as malware-as-a-service; simple but effective, and very active since it first appeared in 2019.

    • suricata: ET MALWARE Win32.Raccoon Stealer - Telegram Mirror Checkin (generic)
