General
Target: ce8eea9ecacd36ac26bfae5dacd690d09d3e86f5a916b6dc33425fc8ce7aa5fa
Size: 6.4MB
Sample: 220309-b2k2jacae7
MD5: fa4b2cef44dffb47ee11beb3991419dc
SHA1: aaee397957317398979e4a1bf0a8306a9d2926bd
SHA256: ce8eea9ecacd36ac26bfae5dacd690d09d3e86f5a916b6dc33425fc8ce7aa5fa
SHA512: f4ce6f2a78c6af30cdbcb6dad983592af2ca3c209b55356d739c45cee850fcbb1f7de30a85384aa20524f5ef52ab464b7cef1c599a2fa9adc2fbdbda6ab354bc
Static task: static1
Behavioral task: behavioral1
Sample: ce8eea9ecacd36ac26bfae5dacd690d09d3e86f5a916b6dc33425fc8ce7aa5fa.exe
Resource: win7-en-20211208
Malware Config
Extracted: raccoon, 1.7.1-hotfix, 5eaa41b3101d5537f786a35da1878f0d1d760e53
url4cnc: https://telete.in/jbitchsucks
Targets
- Modifies security service
- Raccoon Stealer Payload
- Drops file in Drivers directory
- Executes dropped EXE
- Checks computer location settings: looks up the country code configured in the registry, likely a geofence.
- Loads dropped DLL
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext