Overview

overview

10

Static

static

510cfa4afb...a7.exe

windows7-x64

10

510cfa4afb...a7.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    510cfa4afbb2dee2ae2108820c7ec0b5219db332a207966f13808fa60aa793a7

  • Size

    615KB

  • Sample

    220718-wv3m8acee2

  • MD5

    ef02f4d3661f67bc536739cb75ba6d84

  • SHA1

    f3cd17114a9080296f6514ee1269aa6339a7cd4f

  • SHA256

    510cfa4afbb2dee2ae2108820c7ec0b5219db332a207966f13808fa60aa793a7

  • SHA512

    ed6da25c45925fa612677f5f5a4a877673405970527d44fc7d73e2525416bf97844fde6cdb830b50b0c299b18ba7197e7395cc741b0640f7327ac0ff14286688

Score
10/10
raccoon7c9b4504a63ed23664e38808e65948379b790395stealersuricata

Malware Config

Extracted

Family

raccoon

Botnet

7c9b4504a63ed23664e38808e65948379b790395

Attributes
  • url4cnc

    http://telegka.top/capibar

    http://telegin.top/capibar

    https://t.me/capibar

rc4.plain
rc4.plain

Targets

    • Target

      510cfa4afbb2dee2ae2108820c7ec0b5219db332a207966f13808fa60aa793a7

    • Size

      615KB

    • MD5

      ef02f4d3661f67bc536739cb75ba6d84

    • SHA1

      f3cd17114a9080296f6514ee1269aa6339a7cd4f

    • SHA256

      510cfa4afbb2dee2ae2108820c7ec0b5219db332a207966f13808fa60aa793a7

    • SHA512

      ed6da25c45925fa612677f5f5a4a877673405970527d44fc7d73e2525416bf97844fde6cdb830b50b0c299b18ba7197e7395cc741b0640f7327ac0ff14286688

    Score
    10/10
    raccoon7c9b4504a63ed23664e38808e65948379b790395stealersuricata

    • Raccoon

      Raccoon is an infostealer written in C++ and first seen in 2019.

      stealerraccoon

    • suricata: ET MALWARE Win32.Raccoon Stealer - Telegram Mirror Checkin (generic)

      suricata: ET MALWARE Win32.Raccoon Stealer - Telegram Mirror Checkin (generic)

      suricata

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks