08652b211275d1522371646b2934547200200f7e2d8983afc645011daab4ff16

General

Target: 08652b211275d1522371646b2934547200200f7e2d8983afc645011daab4ff16
Size: 1MB
Sample: 220511-czgrrsdfb9
Score: 10/10
MD5: 757e1e334fe85eee689578d50026342e
SHA1: 0bbb20de6c3fb428473d2c94bf4993695de77b54
SHA256: 08652b211275d1522371646b2934547200200f7e2d8983afc645011daab4ff16
SHA512: 3e4b19dbc28abebdc1d0a220ddbfe895e27c673a0b81d19f725fb13fad540bec4c3bbfa6541a6b84dd7771da4c94c110b71e704868ffd8aece0c799efa52258c
Malware Config

Extracted

Family: raccoon
Botnet: b92a235bffa69e2c5cbe1e5e08c8f58c785cae24
Attributes:
  url4cnc: https://telete.in/jrubixred (the Telegram channel page, reached through the telete.in gateway, from which the stealer retrieves its real C2 address; the channel URL is the only network indicator embedded in the binary)
  rc4.plain (the RC4 key carried in the sample, used to decrypt the C2 address taken from the channel page)
Signatures

  • Raccoon
    Description: a simple but capable information stealer that was very active in 2019.
  • Raccoon Stealer Payload
  • Suspicious use of SetThreadContext (this API is commonly used by process hollowing and other thread-hijacking injection techniques to point an existing thread at injected code)

MITRE ATT&CK Matrix

Tactic columns: Collection, Command and Control, Credential Access, Defense Evasion, Discovery, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation