Overview

overview

10

Static

static

2ed43f85be...c8.exe

windows7_x64

10

2ed43f85be...c8.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2ed43f85bed23891c761f22ed421c005ba4551fb67d4355bcacd56a7270871c8

  • Size

    18.6MB

  • Sample

    220512-nx2vpsdcb4

  • MD5

    acae63bd282eddc81ba34df297f7acd1

  • SHA1

    6b315d895b86b90da5a3c705c4c0c483a587e691

  • SHA256

    2ed43f85bed23891c761f22ed421c005ba4551fb67d4355bcacd56a7270871c8

  • SHA512

    5bc0e63df4201c160d0ae4b466b74d891a74d4b62f88850c7fe2c63e21644fdc45f09d43bf74578e2c331f09c23e653fe8337b73dca41b04087eeb71a9c79cf0

Score
10/10
raccoon01477de985736a9649ba17ce7a0e68e3dc416fa9stealer

Malware Config

Extracted

Family

raccoon

Botnet

01477de985736a9649ba17ce7a0e68e3dc416fa9

Attributes
  • url4cnc

    https://telete.in/jmaybech

rc4.plain
rc4.plain

Targets

    • Target

      2ed43f85bed23891c761f22ed421c005ba4551fb67d4355bcacd56a7270871c8

    • Size

      18.6MB

    • MD5

      acae63bd282eddc81ba34df297f7acd1

    • SHA1

      6b315d895b86b90da5a3c705c4c0c483a587e691

    • SHA256

      2ed43f85bed23891c761f22ed421c005ba4551fb67d4355bcacd56a7270871c8

    • SHA512

      5bc0e63df4201c160d0ae4b466b74d891a74d4b62f88850c7fe2c63e21644fdc45f09d43bf74578e2c331f09c23e653fe8337b73dca41b04087eeb71a9c79cf0

    Score
    10/10
    raccoon01477de985736a9649ba17ce7a0e68e3dc416fa9stealer

    • Raccoon

      Simple but powerful infostealer which was very active in 2019.

      stealerraccoon

    • Raccoon Stealer Payload

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks