raccoon | d83b2f868d2803bdc3fd133f8fb22282a34a8fc4fa2310bc7188b8ee404ad294 | Triage

Analysis

max time kernel
146s
max time network
151s
platform
windows7_x64
resource
win7-20220414-en
submitted
20-05-2022 04:00

Sharing

Report Analysis Logs

General

Target

d83b2f868d2803bdc3fd133f8fb22282a34a8fc4fa2310bc7188b8ee404ad294.exe
Size

1.3MB
MD5

32e5b59891ed62dbf7cc6f0163fa801e
SHA1

e3a6a29cddea56cbe6eba31f08e2a1e99f1cb296
SHA256

d83b2f868d2803bdc3fd133f8fb22282a34a8fc4fa2310bc7188b8ee404ad294
SHA512

fe5a60228c9771dce560c168a06827aea87dd864e5d4212b909f855255ad3dbdd47b7f8a48d9daa91478069eb9f1d26f6c7e69b598daae03883667006fed4bd9

Score

10^/10

raccoon 9868f937792390e0d0938eed681c7d5b00945ac3 stealer

Malware Config

Extracted

Family

raccoon

Botnet

9868f937792390e0d0938eed681c7d5b00945ac3

Attributes

url4cnc
https://telete.in/bcarterj

rc4.plain

rc4.plain

Signatures

Raccoon
Simple but powerful infostealer which was very active in 2019.
stealer raccoon

Raccoon Stealer Payload 1 IoCs

Processes:

resource	yara_rule
behavioral1/memory/1564-56-0x0000000000400000-0x0000000000552000-memory.dmp	family_raccoon

C:\Users\Admin\AppData\Local\Temp\d83b2f868d2803bdc3fd133f8fb22282a34a8fc4fa2310bc7188b8ee404ad294.exe
"C:\Users\Admin\AppData\Local\Temp\d83b2f868d2803bdc3fd133f8fb22282a34a8fc4fa2310bc7188b8ee404ad294.exe"
1⤵
PID:1564

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1564-54-0x0000000075CD1000-0x0000000075CD3000-memory.dmp

Filesize
8KB

Download
memory/1564-55-0x0000000000300000-0x00000000003B5000-memory.dmp

Filesize
724KB

Download
memory/1564-56-0x0000000000400000-0x0000000000552000-memory.dmp

Filesize
1.3MB

Download