General

  • Size

    494KB

  • Sample

    220502-caynzshdf6

  • MD5

    3ca3f57ff7605cd9e91f07f8ad0f1f15

  • SHA1

    8cb6e34631bdc5b9e8a8c21ec82d10ef180a6549

  • SHA256

    c3f193f4b5edbc7085aa15c97a4bb2e5eb65fa149198f981efbdb0df73a84e3f

  • SHA512

    1c90e6ebbfbd89dc74c0248510caf72e3795a881a835f881ef2906fc7dd7223e79dac6dc900c4b98d93d9cb53681c2a8c360e6465dd4ac38c8bdabdbef7ddba0

Malware Config

Extracted

Family

raccoon

Botnet

42069a99036f7acbe85c9bc67fe3207cd01fb3fc

Attributes

  • url4cnc

    https://telete.in/jagressor_kz

  • rc4.plain

  • rc4.plain

Targets

    • Target

      c3f193f4b5edbc7085aa15c97a4bb2e5eb65fa149198f981efbdb0df73a84e3f

    • Size

      494KB

    • MD5

      3ca3f57ff7605cd9e91f07f8ad0f1f15

    • SHA1

      8cb6e34631bdc5b9e8a8c21ec82d10ef180a6549

    • SHA256

      c3f193f4b5edbc7085aa15c97a4bb2e5eb65fa149198f981efbdb0df73a84e3f

    • SHA512

      1c90e6ebbfbd89dc74c0248510caf72e3795a881a835f881ef2906fc7dd7223e79dac6dc900c4b98d93d9cb53681c2a8c360e6465dd4ac38c8bdabdbef7ddba0

    • Raccoon

      A simple but powerful infostealer that was very active in 2019.

    • Raccoon Stealer Payload

MITRE ATT&CK Matrix

  • Collection
  • Command and Control
  • Credential Access
  • Defense Evasion
  • Discovery
  • Execution
  • Exfiltration
  • Impact
  • Initial Access
  • Lateral Movement
  • Persistence
  • Privilege Escalation