new.exe

General

Target: new.exe
Size: 1MB
Sample: 220513-xvmsfaagg7
Score: 10/10
MD5: e7bf04dbcb6385e7c3f0562ed5f5a8fd
SHA1: 7c5e12163101d69be28403ae6402f11defcae0f2
SHA256: 075dc5ebf02bbcb7afbf473190e821e583779451f2328474b48c73e03070f914
SHA512: cbc6fdbefcd577944c773b118abd88ca7a2e6dd0c9a5f80b95a98e9b387bba578c4e30615ecaca8d8be4f530d988f679f7936ddd37addb6eb82caf4eaa5282c0

Malware Config

Extracted

Family: raccoon
Version: 1.7.3
Botnet: a5cce470ad0d57aff9fa94b5ee2c0c1fc2d802af
Attributes:
  url4cnc: https://tttttt.me/baudemars
  rc4.plain: two entries extracted (key values not shown on this page)

The url4cnc value is not the C2 itself: Raccoon 1.x builds resolve their real C2 address at runtime by fetching a Telegram channel page through a mirror host (here tttttt.me) and decrypting the channel description with the embedded RC4 key(s) listed as rc4.plain. Blocking or alerting on the mirror hit is therefore the earliest network indicator for this sample, and the Telegram channel is the pivot point for tracking the C2 as it changes.
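The following script is an added example written for this page; it is not code from the sandbox report, and it is not Raccoon's own code. It shows the decoding path the url4cnc and rc4.plain attributes above imply: pull the channel description out of a Telegram channel page, base64-decode the payload found between delimiters, RC4-decrypt it with the extracted key, and sanity-check that the result is a URL. Only the mirror URL (https://tttttt.me/baudemars) comes from the report; the RC4 key, the delimiter characters, the plaintext C2 address and the HTML snippet are constructed and marked ASSUMED, since the report does not publish the key values. The last function flags the mirror check-in in a constructed proxy log line, which is the behaviour the "Telegram Mirror Checkin" Suricata signature on this page is named after.

```python
"""Added example: decoding a Raccoon-style url4cnc Telegram-mirror payload.

Not the report's code and not Raccoon's code. Values marked ASSUMED are
constructed for illustration; only MIRROR_URL comes from the report.
"""
import base64
import re
from typing import Optional

MIRROR_URL = "https://tttttt.me/baudemars"          # from the report (url4cnc)
ASSUMED_RC4_KEY = b"example-key-not-from-sample"     # ASSUMED stand-in for rc4.plain
ASSUMED_DELIM = "^^"                                 # ASSUMED delimiter around the payload
ASSUMED_C2 = "http://198.51.100.23/gate/"            # ASSUMED (TEST-NET-2 address)


def rc4(key: bytes, data: bytes) -> bytes:
    """Plain RC4 (KSA + PRGA). Encryption and decryption are the same operation."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for b in data:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(b ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def extract_description(html: str) -> Optional[str]:
    """Return the channel description from a Telegram channel page's og:description tag."""
    m = re.search(r'<meta\s+property="og:description"\s+content="([^"]*)"', html)
    return m.group(1) if m else None


def decode_c2(description: str, key: bytes, delim: str = ASSUMED_DELIM) -> Optional[str]:
    """Text between delimiters -> base64 -> RC4 -> URL check.
    Returns None on any failure (no delimiters, bad base64, wrong key)."""
    try:
        start = description.index(delim) + len(delim)
        end = description.index(delim, start)
    except ValueError:
        return None
    try:
        raw = base64.b64decode(description[start:end], validate=True)
    except ValueError:
        return None
    plain = rc4(key, raw)
    try:
        text = plain.decode("ascii")
    except UnicodeDecodeError:
        return None
    # A wrong key yields pseudorandom bytes, which will not pass this URL check.
    return text if re.fullmatch(r"https?://[\w.\-]+(?::\d+)?(/[\w./\-]*)?", text) else None


def build_sample_page() -> str:
    """Constructed channel page with ASSUMED_C2 embedded the way decode_c2 expects."""
    blob = base64.b64encode(rc4(ASSUMED_RC4_KEY, ASSUMED_C2.encode())).decode()
    desc = f"just a channel {ASSUMED_DELIM}{blob}{ASSUMED_DELIM} nothing to see"
    return ('<html><head><meta property="og:title" content="baudemars">'
            f'<meta property="og:description" content="{desc}"></head></html>')


def recover_c2_from_page(html: str, key: bytes = ASSUMED_RC4_KEY) -> Optional[str]:
    """Full pipeline: channel page HTML -> recovered C2 URL (or None)."""
    desc = extract_description(html)
    return decode_c2(desc, key) if desc is not None else None


MIRROR_HOSTS = {"tttttt.me"}   # from the report; production rules cover more Telegram front-ends


def is_mirror_checkin(log_line: str) -> bool:
    """Flag a proxy log line whose request host is a known Telegram mirror."""
    m = re.search(r"https?://([^/\s]+)", log_line)
    return bool(m) and m.group(1).lower() in MIRROR_HOSTS


if __name__ == "__main__":
    print(recover_c2_from_page(build_sample_page()))
    # constructed proxy log line, not from the report
    print(is_mirror_checkin("2022-05-13T10:00:00Z 10.0.0.5 GET https://tttttt.me/baudemars 200"))
```

To use this against a real sample, replace ASSUMED_RC4_KEY with the rc4.plain value from your own config extraction and the delimiter with whatever the build in hand actually uses; both differ between Raccoon builds, which is why the report lists them as per-sample attributes. Fetch the mirror page from an isolated analysis host only, since the request itself is the check-in the IDS signature detects.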
Targets

Target: new.exe (same file as in General above; MD5 e7bf04dbcb6385e7c3f0562ed5f5a8fd, SHA256 075dc5ebf02bbcb7afbf473190e821e583779451f2328474b48c73e03070f914)
Filesize: 1MB
Score: 10/10
Signatures

  • Raccoon: simple but powerful infostealer, first seen and very active in 2019 (this sample reports config version 1.7.3).
  • Raccoon Stealer Payload
  • suricata: ET MALWARE Win32.Raccoon Stealer - Telegram Mirror Checkin (generic)

Related Tasks: none listed.

MITRE ATT&CK Matrix: no techniques are mapped on this page; only the tactic columns are present (Collection, Command and Control, Credential Access, Defense Evasion, Discovery, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation).