raccoon | fdc055799366348b8e400ea31434208e768317c1495b4b019f89829e344009e1 | Triage

Analysis

max time kernel
146s
max time network
156s
platform
windows10-2004_x64
resource
win10v2004-20220414-en
submitted
10-05-2022 18:54

Sharing

Report Analysis Logs

General

Target

fdc055799366348b8e400ea31434208e768317c1495b4b019f89829e344009e1.exe
Size

373KB
MD5

7e4a9d30bf65de75262cb1bce111dfb7
SHA1

5394765f6a6ce97d1450f18103291bb4eb164dc8
SHA256

fdc055799366348b8e400ea31434208e768317c1495b4b019f89829e344009e1
SHA512

e5e132b10e546ed0a272c2bf27ca4517804c95e572415de7c6f4cbeeca346aa9f7127e8ed5fc1adfbe252f892c37cac9dabed6bafb968fa3918851bed86065fb

Score

10^/10

raccoon 42069a99036f7acbe85c9bc67fe3207cd01fb3fc stealer

Malware Config

Extracted

Family

raccoon

Botnet

42069a99036f7acbe85c9bc67fe3207cd01fb3fc

Attributes

url4cnc
https://telete.in/jagressor_kz

rc4.plain

rc4.plain

Signatures

Raccoon
Simple but powerful infostealer which was very active in 2019.
stealer raccoon

Raccoon Stealer Payload 2 IoCs

Processes:

resource	yara_rule
behavioral2/memory/948-131-0x0000000001050000-0x00000000010E0000-memory.dmp	family_raccoon
behavioral2/memory/948-132-0x0000000000400000-0x0000000000FBA000-memory.dmp	family_raccoon

C:\Users\Admin\AppData\Local\Temp\fdc055799366348b8e400ea31434208e768317c1495b4b019f89829e344009e1.exe
"C:\Users\Admin\AppData\Local\Temp\fdc055799366348b8e400ea31434208e768317c1495b4b019f89829e344009e1.exe"
1⤵
PID:948

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/948-130-0x0000000001119000-0x0000000001169000-memory.dmp

Filesize
320KB

Download
memory/948-131-0x0000000001050000-0x00000000010E0000-memory.dmp

Filesize
576KB

Download
memory/948-132-0x0000000000400000-0x0000000000FBA000-memory.dmp

Filesize
11.7MB

Download