raccoon | f727e8d2b76ab519e194feea2aca8ceea90c34d614d01ab1729169804420fd2f | Triage

Analysis

max time kernel
147s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20220414-en
submitted
10-05-2022 22:29

Sharing

Report Analysis Logs

General

Target

new.exe
Size

1.3MB
MD5

dfd74d888251e8c77accc4994bbccc5b
SHA1

7974151d4f6bf014dbf02409beb68b93c0e215f9
SHA256

f727e8d2b76ab519e194feea2aca8ceea90c34d614d01ab1729169804420fd2f
SHA512

3635de1c9d2f28e528aafe2311554fc8c02fdc9a97ad385438a4c051df591ac34d0baa6f61e57ea302f8fdef746131909dc30745f929c89450afe0b060cf0e57

Score

10^/10

raccoon bb8d3701ca5d8e031967c87b862623b34997b3d1 stealer

Malware Config

Extracted

Family

raccoon

Version

1.7.3

Botnet

bb8d3701ca5d8e031967c87b862623b34997b3d1

Attributes

url4cnc
https://telete.in/jdiamond13

rc4.plain

rc4.plain

Signatures

Raccoon
Simple but powerful infostealer which was very active in 2019.
stealer raccoon

Raccoon Stealer Payload 2 IoCs

Processes:

resource	yara_rule
behavioral1/memory/4908-132-0x00000000025B0000-0x0000000002641000-memory.dmp	family_raccoon
behavioral1/memory/4908-133-0x0000000000400000-0x0000000000942000-memory.dmp	family_raccoon

C:\Users\Admin\AppData\Local\Temp\new.exe
"C:\Users\Admin\AppData\Local\Temp\new.exe"
1⤵
PID:4908

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4908-130-0x0000000000400000-0x0000000000942000-memory.dmp

Filesize
5.3MB

Download
memory/4908-131-0x0000000000A39000-0x0000000000A88000-memory.dmp

Filesize
316KB

Download
memory/4908-132-0x00000000025B0000-0x0000000002641000-memory.dmp

Filesize
580KB

Download
memory/4908-133-0x0000000000400000-0x0000000000942000-memory.dmp

Filesize
5.3MB

Download