8256fb70454da346b588b8d884ef5ffc0631c1dceeee515a0c92989d36dedd10

Target

Size

1MB

Sample

220520-dpmqpshhcl

Score

10 ^/10

MD5

66afe24b36275f561cf6318653aaa6f4

SHA1

94f4bdd9e38b17fac52471936cf7173d37cd001e

SHA256

8256fb70454da346b588b8d884ef5ffc0631c1dceeee515a0c92989d36dedd10

SHA512

4b99387f9b0b01ee25d0f728c735cb7d2f564602eb934b4ef7898e6ad532f2ccb304ed99ea9eab93bacfdcb81d01911ca0a0a5ebc75e4f92200ec760238bb582

Extracted

Family	raccoon
Botnet	98ade1e00a4f6f9a223d8d49f21aeb26d0c74b4a
Attributes	url4cnc https://drive.google.com/uc?export=download&id=1oyq2bglZBUpcWekyvuAsh8ZchXcReacH
rc4.plain
rc4.plain

Target

8256fb70454da346b588b8d884ef5ffc0631c1dceeee515a0c92989d36dedd10

MD5

66afe24b36275f561cf6318653aaa6f4

Filesize

1MB

Score

10^/10

SHA1

94f4bdd9e38b17fac52471936cf7173d37cd001e

SHA256

8256fb70454da346b588b8d884ef5ffc0631c1dceeee515a0c92989d36dedd10

SHA512

4b99387f9b0b01ee25d0f728c735cb7d2f564602eb934b4ef7898e6ad532f2ccb304ed99ea9eab93bacfdcb81d01911ca0a0a5ebc75e4f92200ec760238bb582

Signatures

Raccoon
Description

Simple but powerful infostealer which was very active in 2019.
Tags

stealer raccoon
Raccoon Stealer Payload
Legitimate hosting services abused for malware hosting/C2
TTPs

Web Service
Suspicious use of SetThreadContext

Related Tasks

behavioral1 behavioral2

Collection

Command and Control

Credential Access

Defense Evasion

Web Service

Discovery

Execution

Exfiltration

Impact

Initial Access

Lateral Movement

Persistence

Privilege Escalation

static1

behavioral1

3^/10

behavioral2

raccoon 98ade1e00a4f6f9a223d8d49f21aeb26d0c74b4a stealer

10^/10

Extracted

Tags

Signatures

Raccoon

Description

Tags

Raccoon Stealer Payload

Legitimate hosting services abused for malware hosting/C2

TTPs

Suspicious use of SetThreadContext

Related Tasks

static1

behavioral1

behavioral2