raccoon | 5e4ad329433655e942706e02361b10c21caed15d46cf924a7ebe153932f105ae | Triage

Submit
Reports

Overview

overview

Static

static

appconsole.exe

windows7_x64

appconsole.exe

windows10-2004_x64

azorult.exe

windows7_x64

azorult.exe

windows10-2004_x64

clipper.exe

windows7_x64

1

clipper.exe

windows10-2004_x64

1

jester_stealer.exe

windows7_x64

jester_stealer.exe

windows10-2004_x64

lokibot.exe

windows7_x64

lokibot.exe

windows10-2004_x64

pony.exe

windows7_x64

pony.exe

windows10-2004_x64

raccoon.exe

windows7_x64

raccoon.exe

windows10-2004_x64

redline.exe

windows7_x64

redline.exe

windows10-2004_x64

tesla.exe

windows7_x64

tesla.exe

windows10-2004_x64

vidar.xll

windows7_x64

7

vidar.xll

windows10-2004_x64

Analysis

max time kernel
601s
max time network
604s
platform
windows7_x64
resource
win7-20220414-en
submitted
28-04-2022 07:35

Sharing

Static task

static1

monika_galager @solitarru stormkitty jester lokibot pony redline

Behavioral task

behavioral1

Sample

appconsole.exe

Resource

win7-20220414-en

stormkitty stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

appconsole.exe

Resource

win10v2004-20220414-en

stormkitty spyware stealer

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral3

Sample

azorult.exe

Resource

win7-20220414-en

azorult infostealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral4

Sample

azorult.exe

Resource

win10v2004-20220414-en

azorult infostealer trojan

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral5

Sample

clipper.exe

Resource

win7-20220414-en

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral6

Sample

clipper.exe

Resource

win10v2004-20220414-en

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral7

Sample

jester_stealer.exe

Resource

win7-20220414-en

jester monika_galager collection spyware stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral8

Sample

jester_stealer.exe

Resource

win10v2004-20220414-en

jester monika_galager collection spyware stealer

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral9

Sample

lokibot.exe

Resource

win7-20220414-en

lokibot collection spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral10

Sample

lokibot.exe

Resource

win10v2004-20220414-en

lokibot collection spyware stealer trojan

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral11

Sample

pony.exe

Resource

win7-20220414-en

pony collection discovery rat spyware stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral12

Sample

pony.exe

Resource

win10v2004-20220414-en

pony collection discovery rat spyware stealer

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral13

Sample

raccoon.exe

Resource

win7-20220414-en

raccoon f0dbf04a98246f76fda91e716237165f98a51abe stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral14

Sample

raccoon.exe

Resource

win10v2004-20220414-en

raccoon f0dbf04a98246f76fda91e716237165f98a51abe stealer

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral15

Sample

redline.exe

Resource

win7-20220414-en

redline @solitarru infostealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral16

Sample

redline.exe

Resource

win10v2004-20220414-en

redline @solitarru infostealer

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral17

Sample

tesla.exe

Resource

win7-20220414-en

agenttesla collection keylogger persistence spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral18

Sample

tesla.exe

Resource

win10v2004-20220414-en

agenttesla collection keylogger persistence spyware stealer trojan

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral19

Sample

vidar.xll

Resource

win7-20220414-en

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral20

Sample

vidar.xll

Resource

win10v2004-20220414-en

windows10-2004_x64

0 signatures

0 seconds

Report Analysis Logs

General

Target

raccoon.exe
Size

506KB
MD5

f34cac12ad52c250c2381327d5f5939b
SHA1

c56cbb5d8ba97932d49146183ecc31045c80b068
SHA256

54eb27e976cab1b8ef3173149bf1ed638562fd5aecd90d61ad9632ace9b8abf2
SHA512

1fdd063be68392a8f4e49a700778d1655684a45496d372b50ca58e3808ff2526bf16c8db88b78f4ba5b9b56745751ab504d186e651febeefeb8c326c1225705b

Score

10^/10

raccoon f0dbf04a98246f76fda91e716237165f98a51abe stealer

Malware Config

Extracted

Family

raccoon

Version

1.8.1

Botnet

f0dbf04a98246f76fda91e716237165f98a51abe

Attributes

url4cnc
https://telete.in/iopioldpsergdg

rc4.plain

rc4.plain

Signatures

Raccoon
Simple but powerful infostealer which was very active in 2019.
stealer raccoon

Processes

C:\Users\Admin\AppData\Local\Temp\raccoon.exe
"C:\Users\Admin\AppData\Local\Temp\raccoon.exe"
1⤵
PID:1976

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1976-54-0x00000000750C1000-0x00000000750C3000-memory.dmp

Filesize
8KB

Download
memory/1976-55-0x000000000222B000-0x000000000227B000-memory.dmp

Filesize
320KB

Download
memory/1976-56-0x0000000000320000-0x00000000003B0000-memory.dmp

Filesize
576KB

Download
memory/1976-57-0x0000000000400000-0x000000000219B000-memory.dmp

Filesize
29.6MB

Download

© 2018-2025

Terms | Privacy