a545427f66acdd24efe786fac9e95492a4c057b0f2a0901c1819ef8b7aec0ed0

General

Target: a545427f66acdd24efe786fac9e95492a4c057b0f2a0901c1819ef8b7aec0ed0
Size: 28MB
Sample: 220511-czd1wagdbl
Score: 10/10
MD5: 3b76d79c5d82fd3db6fdce23f85f0087
SHA1: a335061749d551401c45bbdc7addaec42d8f5917
SHA256: a545427f66acdd24efe786fac9e95492a4c057b0f2a0901c1819ef8b7aec0ed0
SHA512: ab172f5fd057c2c840ccfe6619503eb6957406139fbf621b2b8f386af75b86257f3ac32992209f63a6df608b236c0f9f828c8f784e26fa795cdd489ee6dc2124

Malware Config

Extracted

Family: raccoon
Botnet: b92a235bffa69e2c5cbe1e5e08c8f58c785cae24
Attributes:
  url4cnc: https://telete.in/jrubixred
  rc4.plain
  rc4.plain
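How the two config attributes above fit together, as an added example that is not code from the report or from the sandbox: public analyses of Raccoon v1 describe the url4cnc value as a Telegram channel (telete.in is a web mirror of Telegram) whose description carries the real C2 address, RC4-encrypted with the key stored in the sample (the rc4.plain attribute) and base64-encoded between two marker strings. The key, the marker strings, the C2 URL and the channel description below are all constructed for the demo and are not this sample's values; the exact marker layout is an assumption, so treat this as a decoder skeleton to adapt once the real markers and key are extracted.

```python
"""RC4 decoding of a Raccoon-style C2 channel description (added demo, not the report's code)."""
import base64
import re
from typing import Optional, Tuple

# Constructed values for the demo (assumptions, NOT taken from the sample's config).
DEMO_RC4_KEY = b"demo-rc4-key-not-from-sample"
DEMO_MARKERS: Tuple[str, str] = ("<<", ">>")
DEMO_C2 = "http://203.0.113.10/gate/log.php"  # TEST-NET-3 documentation address


def rc4(key: bytes, data: bytes) -> bytes:
    """Plain RC4 (KSA + PRGA). Encryption and decryption are the same operation."""
    # Key-scheduling algorithm: permute S according to the key bytes.
    s = list(range(256))
    j = 0
    klen = len(key)
    for i in range(256):
        j = (j + s[i] + key[i % klen]) & 0xFF
        s[i], s[j] = s[j], s[i]
    # Pseudo-random generation algorithm: XOR each data byte with one keystream byte.
    out = bytearray()
    i = j = 0
    for byte in data:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def encode_c2(c2: str, key: bytes, markers: Tuple[str, str] = DEMO_MARKERS) -> str:
    """Build a description the way an operator would: markers around base64(RC4(c2))."""
    blob = base64.b64encode(rc4(key, c2.encode())).decode()
    return f"{markers[0]}{blob}{markers[1]}"


def extract_c2(description: str, key: bytes, markers: Tuple[str, str] = DEMO_MARKERS) -> Optional[str]:
    """Recover the C2 URL from a description; None if markers, base64 or plaintext checks fail."""
    start, end = (re.escape(m) for m in markers)
    m = re.search(f"{start}([A-Za-z0-9+/=]+){end}", description)
    if not m:
        return None
    try:
        plain = rc4(key, base64.b64decode(m.group(1), validate=True))
    except ValueError:  # binascii.Error is a ValueError: malformed base64
        return None
    # A wrong key yields keystream garbage; a real C2 string is printable ASCII.
    if not plain.isascii() or not plain.decode().isprintable():
        return None
    return plain.decode()


def demo_description() -> str:
    """A constructed channel description with filler text around the encoded C2."""
    return "Channel for daily updates. " + encode_c2(DEMO_C2, DEMO_RC4_KEY) + " Thanks for subscribing."


if __name__ == "__main__":
    print(extract_c2(demo_description(), DEMO_RC4_KEY))
```

The printable-ASCII check is what turns a wrong key (or a stale rc4.plain value from a different build) into a clean failure instead of a bogus IOC; when adapting this to a real sample, replace the demo markers and key with the ones pulled from the binary and feed it the fetched channel page.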
Signatures

  • Raccoon

    Description: Simple but powerful infostealer which was very active in 2019.

  • Raccoon Stealer Payload

  • Suspicious use of SetThreadContext (the API used to redirect a suspended thread's entry point, as in process hollowing)
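The heuristic behind a "Suspicious use of SetThreadContext" style signature, as an added example that is not the sandbox's own signature logic: SetThreadContext is benign when a debugger uses it, and suspicious when a process calls it on the main thread of a child it created with CREATE_SUSPENDED after writing into that child's memory, which is the process-hollowing sequence. The one-line-per-call trace format and the trace lines themselves are constructed for this demo (an assumption, not the report's behavioral log), and the image paths, PIDs and handles in it are made up.

```python
"""Flag SetThreadContext on a suspended, written-to child process (added demo, not the sandbox's code)."""
import re
from collections import defaultdict
from typing import Dict, List, Set

CREATE_SUSPENDED = 0x4  # dwCreationFlags bit for CreateProcess

# Constructed API trace: a hollowing chain from pid 1000, then a benign process (pid 3000).
SAMPLE_TRACE = """\
1000 CreateProcessW(lpApplicationName="C:\\Windows\\System32\\svchost.exe", dwCreationFlags=0x4, dwProcessId=2400, dwThreadId=2404)
1000 NtUnmapViewOfSection(ProcessHandle=0x1a8, BaseAddress=0x400000)
1000 VirtualAllocEx(hProcess=0x1a8, lpAddress=0x400000, dwSize=0x1c000, flProtect=0x40)
1000 WriteProcessMemory(hProcess=0x1a8, lpBaseAddress=0x400000, nSize=0x1c000)
1000 SetThreadContext(hThread=0x1b0, dwThreadId=2404)
1000 ResumeThread(hThread=0x1b0, dwThreadId=2404)
3000 CreateProcessW(lpApplicationName="C:\\Windows\\System32\\notepad.exe", dwCreationFlags=0x0, dwProcessId=5200, dwThreadId=5204)
3000 GetThreadContext(hThread=0x200, dwThreadId=3004)
"""

LINE_RE = re.compile(r"^(?P<pid>\d+)\s+(?P<api>\w+)\((?P<args>.*)\)$")
ARG_RE = re.compile(r'(\w+)=("[^"]*"|0x[0-9a-fA-F]+|\d+)')


def parse_args(raw: str) -> Dict[str, str]:
    """Turn 'name=value, name="value"' into a dict; quotes are stripped from strings."""
    return {k: v.strip('"') for k, v in ARG_RE.findall(raw)}


def find_hollowing(trace: str) -> List[dict]:
    """One finding per SetThreadContext on a suspended child thread after WriteProcessMemory."""
    suspended_threads: Dict[int, Set[int]] = defaultdict(set)  # caller pid -> tids of its suspended children
    child_image: Dict[int, str] = {}                            # child tid -> image path
    wrote_memory: Set[int] = set()                              # caller pids that wrote into another process
    findings: List[dict] = []
    for line in trace.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that do not fit the assumed trace format
        pid, api, args = int(m["pid"]), m["api"], parse_args(m["args"])
        if api == "CreateProcessW" and int(args.get("dwCreationFlags", "0"), 16) & CREATE_SUSPENDED:
            tid = int(args["dwThreadId"])
            suspended_threads[pid].add(tid)
            child_image[tid] = args.get("lpApplicationName", "?")
        elif api == "WriteProcessMemory":
            wrote_memory.add(pid)
        elif api == "SetThreadContext":
            tid = int(args.get("dwThreadId", "-1"))
            # Only the full chain (suspended child + remote write + context change) is reported;
            # SetThreadContext on its own, or GetThreadContext, is not enough.
            if tid in suspended_threads[pid] and pid in wrote_memory:
                findings.append({"pid": pid, "tid": tid, "image": child_image[tid]})
    return findings


if __name__ == "__main__":
    for hit in find_hollowing(SAMPLE_TRACE):
        print(f"pid {hit['pid']} set context of suspended thread {hit['tid']} in {hit['image']}")
```

Requiring all three steps keeps debuggers and self-modifying runtimes out of the findings; a real detection would additionally key on the handle values so that a write to process A and a context change in process B are not conflated.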

MITRE ATT&CK Matrix

Tactic columns: Collection, Command and Control, Credential Access, Defense Evasion, Discovery, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation

Tasks

static1
behavioral1
1/10