Analysis
-
max time kernel
150s -
max time network
211s -
platform
windows7_x64 -
resource
win7-20220414-en -
submitted
08-07-2022 14:42
General
-
Target
616830d4b651a3870eedc282d5cc91066999912229295f11aacc775a3f0a7eb7.exe
-
Size
1.3MB
-
MD5
b09244cb74b0647808998f8a8831d924
-
SHA1
dd901432167f3d96c65d8b5fed6f7c90a2ee7e4b
-
SHA256
616830d4b651a3870eedc282d5cc91066999912229295f11aacc775a3f0a7eb7
-
SHA512
72d3862c47bf338e90e1006ca03b8abda93940fdfeb924b40da9ba68c196489815541e0768a79222800c04643bde091290be8fb59d482633541a721b8cbc9553
Score
10/10
Malware Config
Extracted
Family
raccoon
Version
1.7.2
Botnet
9ba64f4b6fe448911470a88f09d6e7d5b92ff0ab
Attributes
-
url4cnc
https://telete.in/jagressor_kz
rc4.plain
rc4.plain
Signatures
-
Raccoon
Raccoon is an infostealer written in C++ and first seen in 2019.
-
Raccoon Stealer payload 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\616830d4b651a3870eedc282d5cc91066999912229295f11aacc775a3f0a7eb7.exe"C:\Users\Admin\AppData\Local\Temp\616830d4b651a3870eedc282d5cc91066999912229295f11aacc775a3f0a7eb7.exe"1⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/964-54-0x0000000000400000-0x000000000440A000-memory.dmpFilesize
64.0MB
-
memory/964-55-0x0000000004499000-0x00000000044E9000-memory.dmpFilesize
320KB
-
memory/964-56-0x00000000753B1000-0x00000000753B3000-memory.dmpFilesize
8KB
-
memory/964-57-0x0000000004499000-0x00000000044E9000-memory.dmpFilesize
320KB
-
memory/964-58-0x00000000002A0000-0x0000000000332000-memory.dmpFilesize
584KB
-
memory/964-59-0x0000000000400000-0x000000000440A000-memory.dmpFilesize
64.0MB
-
memory/964-60-0x0000000004499000-0x00000000044E9000-memory.dmpFilesize
320KB
-
memory/964-61-0x00000000002A0000-0x0000000000332000-memory.dmpFilesize
584KB