raccoon | 0da4df470d6f673cdab6ca0785bf802b9625aa93481987cbb32c6772a043be4f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0da4df470d6f673cdab6ca0785bf802b9625aa93481987cbb32c6772a043be4f
Size

178KB
Sample

220906-tf2q9sfea2
MD5

46b1520590ffe30db3c378199d6596a6
SHA1

12ce4003aff2b259169752606e55c1bdcdb96eb4
SHA256

0da4df470d6f673cdab6ca0785bf802b9625aa93481987cbb32c6772a043be4f
SHA512

161610abdabf1d4ae5b8ead3b42550a0525db2b186ee46352c5d9f17dc2571e530ca0913ed2a4e35eed2537d28d697987fcab7718be7805da56679bb0f7df7f3
SSDEEP

3072:8ghmA17ST5gmK/GimGkDXdiabMnSKdG6PYzIFBNY3di+z0HXOyDutaoe5Gep2nLW:8tO65pKLeXdfMSKH5V+zGP1GeUjYjAu

Score

10^/10

raccoon 654b3e7f2d409dcde795b5d2dacf4955 stealer

Malware Config

Extracted

Family

raccoon

Botnet

654b3e7f2d409dcde795b5d2dacf4955

C2

http://46.249.58.152/

rc4.plain

Targets

- Target
  
  0da4df470d6f673cdab6ca0785bf802b9625aa93481987cbb32c6772a043be4f
- Size
  
  178KB
- MD5
  
  46b1520590ffe30db3c378199d6596a6
- SHA1
  
  12ce4003aff2b259169752606e55c1bdcdb96eb4
- SHA256
  
  0da4df470d6f673cdab6ca0785bf802b9625aa93481987cbb32c6772a043be4f
- SHA512
  
  161610abdabf1d4ae5b8ead3b42550a0525db2b186ee46352c5d9f17dc2571e530ca0913ed2a4e35eed2537d28d697987fcab7718be7805da56679bb0f7df7f3
- SSDEEP
  
  3072:8ghmA17ST5gmK/GimGkDXdiabMnSKdG6PYzIFBNY3di+z0HXOyDutaoe5Gep2nLW:8tO65pKLeXdfMSKH5V+zGP1GeUjYjAu
Score

10^/10

raccoon 654b3e7f2d409dcde795b5d2dacf4955 stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

raccoon654b3e7f2d409dcde795b5d2dacf4955stealer