raccoon | cc101e7a1058dd776445b05aa7aacde7fad065a09dd0b637dfa8fad7f49e0370 | Triage

Analysis

max time kernel
146s
max time network
151s
platform
windows7_x64
resource
win7-20220414-en
submitted
08-07-2022 07:59

Sharing

Report Analysis Logs

General

Target

cc101e7a1058dd776445b05aa7aacde7fad065a09dd0b637dfa8fad7f49e0370.exe
Size

546KB
MD5

7e37db2de75f70a47737eaddba166cd9
SHA1

a707787d05084a19aa55a00553a3e750ad141693
SHA256

cc101e7a1058dd776445b05aa7aacde7fad065a09dd0b637dfa8fad7f49e0370
SHA512

530ec256a594ec7a5cf15ff4e92730a164b3d03b67cd81b19cafa0c10bcbf2a353fda59c71d7ee34839c6fdf8538525e83b0bb927f6750ceb3ec41e5ee80df46

Score

10^/10

raccoon 9ba64f4b6fe448911470a88f09d6e7d5b92ff0ab stealer

Malware Config

Extracted

Family

raccoon

Version

1.7.2

Botnet

9ba64f4b6fe448911470a88f09d6e7d5b92ff0ab

Attributes

url4cnc
https://telete.in/jagressor_kz

rc4.plain

rc4.plain

Signatures

Raccoon
Raccoon is an infostealer written in C++ and first seen in 2019.
stealer raccoon

Raccoon Stealer payload 2 IoCs

Processes:

resource	yara_rule
behavioral1/memory/892-55-0x0000000000400000-0x0000000004DE6000-memory.dmp	family_raccoon
behavioral1/memory/892-57-0x0000000000300000-0x0000000000392000-memory.dmp	family_raccoon

C:\Users\Admin\AppData\Local\Temp\cc101e7a1058dd776445b05aa7aacde7fad065a09dd0b637dfa8fad7f49e0370.exe
"C:\Users\Admin\AppData\Local\Temp\cc101e7a1058dd776445b05aa7aacde7fad065a09dd0b637dfa8fad7f49e0370.exe"
1⤵
PID:892

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/892-54-0x0000000076561000-0x0000000076563000-memory.dmp

Filesize
8KB

Download
memory/892-55-0x0000000000400000-0x0000000004DE6000-memory.dmp

Filesize
73.9MB

Download
memory/892-56-0x0000000004EDA000-0x0000000004F2A000-memory.dmp

Filesize
320KB

Download
memory/892-57-0x0000000000300000-0x0000000000392000-memory.dmp

Filesize
584KB

Download