Overview

overview

10

Static

static

c26457910d...66.exe

windows7_x64

10

c26457910d...66.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c26457910dcb8a2902490f27edc3422987f1f0d1bd4e6bef1fed129e9e024366

  • Size

    1.7MB

  • Sample

    220417-rfce9saca2

  • MD5

    123dfe52fd9940c6fbc8c5b40506f01e

  • SHA1

    8c4d92aa1aa61c1d529e1f9ac2dc2787b580f349

  • SHA256

    c26457910dcb8a2902490f27edc3422987f1f0d1bd4e6bef1fed129e9e024366

  • SHA512

    e9752fa42dd8e762a9f67b77f0b76a5ed75840f6a1443fddee69c693eabe486d6b906e208559bfbf3ec281c603e09a9b25118946e4e43e7ef13ff36bfbc0689b

Score
10/10
raccoonc763e433ef51ff4b6c545800e4ba3b3b1a2ea077stealer

Malware Config

Extracted

Family

raccoon

Botnet

c763e433ef51ff4b6c545800e4ba3b3b1a2ea077

Attributes
  • url4cnc

    https://telete.in/jbitchsucks

rc4.plain
rc4.plain

Targets

    • Target

      c26457910dcb8a2902490f27edc3422987f1f0d1bd4e6bef1fed129e9e024366

    • Size

      1.7MB

    • MD5

      123dfe52fd9940c6fbc8c5b40506f01e

    • SHA1

      8c4d92aa1aa61c1d529e1f9ac2dc2787b580f349

    • SHA256

      c26457910dcb8a2902490f27edc3422987f1f0d1bd4e6bef1fed129e9e024366

    • SHA512

      e9752fa42dd8e762a9f67b77f0b76a5ed75840f6a1443fddee69c693eabe486d6b906e208559bfbf3ec281c603e09a9b25118946e4e43e7ef13ff36bfbc0689b

    Score
    10/10
    raccoonc763e433ef51ff4b6c545800e4ba3b3b1a2ea077stealer

    • Raccoon

      Simple but powerful infostealer which was very active in 2019.

      stealerraccoon

    • Raccoon Stealer Payload

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks