General

  • Target

    e7d425e0e6831caccd9be3c1d0a6ff4d5dcf9ce5c796c5df93f6d29d58176210

  • Size

    2.1MB

  • Sample

    220418-m5frrsfhc9

  • MD5

    da8a87f5c6b8fe7a48fec45e9c52d676

  • SHA1

    765be65de8222ffa730bd567a659daf0e80c6c44

  • SHA256

    e7d425e0e6831caccd9be3c1d0a6ff4d5dcf9ce5c796c5df93f6d29d58176210

  • SHA512

    94171a000ece14c5d3394efb587326c563ec4978500ad3c1f71181dbfceb4eb19e4abe48dee6b7bc818bec3cf7305281808cacf380e7cf19bc0b4a50252914dc

Malware Config

Extracted

Family

raccoon

Botnet

c763e433ef51ff4b6c545800e4ba3b3b1a2ea077

Attributes
  • url4cnc

    https://telete.in/jbitchsucks

rc4.plain

Targets

    • Raccoon

      Simple but powerful infostealer which was very active in 2019.

    • Raccoon Stealer Payload

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks