General

  • Size

    527KB

  • Sample

    220502-ccskraeccn

  • MD5

    e0804b5d4735af8595cf296545bb5f01

  • SHA1

    05d5089042faf5a4661b53ad6a3147d7d457820d

  • SHA256

    ea3a2f4ccb1575a21c790e37aca831bed210b9860eb72dad7879d8bea7b99dd7

  • SHA512

    961bcfe8ee675408e896a53252ff6389ca843e75622685cbb75fe55c290f136c4b1724c074cce86883f16c56491facbe6a82afd11dace6db6799a72b202e569b

Malware Config

Extracted

Family

raccoon

Botnet

42069a99036f7acbe85c9bc67fe3207cd01fb3fc

Attributes
url4cnc
https://telete.in/jagressor_kz
rc4.plain
rc4.plain

Targets

    • Target

      ea3a2f4ccb1575a21c790e37aca831bed210b9860eb72dad7879d8bea7b99dd7

    • Size

      527KB

    • MD5

      e0804b5d4735af8595cf296545bb5f01

    • SHA1

      05d5089042faf5a4661b53ad6a3147d7d457820d

    • SHA256

      ea3a2f4ccb1575a21c790e37aca831bed210b9860eb72dad7879d8bea7b99dd7

    • SHA512

      961bcfe8ee675408e896a53252ff6389ca843e75622685cbb75fe55c290f136c4b1724c074cce86883f16c56491facbe6a82afd11dace6db6799a72b202e569b

    • Raccoon

      Simple but powerful infostealer which was very active in 2019.

    • Raccoon Stealer Payload

MITRE ATT&CK Matrix

  • Collection

  • Command and Control

  • Credential Access

  • Defense Evasion

  • Discovery

  • Execution

  • Exfiltration

  • Impact

  • Initial Access

  • Lateral Movement

  • Persistence

  • Privilege Escalation