raccoon | 006c93dbcc3938755328928bf3d8e94684de290fe3bf0cbfacdf0448ed0b96ed | Triage

Sharing

Copy URL Twitter E-mail

General

Target

392d74f5a99301c537b4e843e8c9d66e.exe
Size

1.7MB
Sample

220916-st7c8sbghm
MD5

392d74f5a99301c537b4e843e8c9d66e
SHA1

5dd51ccefc6f45fe3fc5e26b4986227a70749e1e
SHA256

006c93dbcc3938755328928bf3d8e94684de290fe3bf0cbfacdf0448ed0b96ed
SHA512

d46e68007fd624624e1b8b8540d5d1f071e29100a7b2bd872f76d4979b5003eee92f0543ee86e2145ce6d5208e22f73cf47e1b6659d1818a6690bc773112556e
SSDEEP

24576:YFzZUezXpkyKbO1zcrSGv/fSx/w9R5JiaUsuwfArXCsqm7q5y03+clm1SaCanwm5:6ZUmpIypcOGXfS6NwpSArhuaAhanwf

Score

10^/10

raccoon a1c82a612810c69701f8c72096e6a567 stealer

Malware Config

Extracted

Family

raccoon

Botnet

a1c82a612810c69701f8c72096e6a567

C2

http://94.131.107.60/

rc4.plain

Targets

- Target
  
  392d74f5a99301c537b4e843e8c9d66e.exe
- Size
  
  1.7MB
- MD5
  
  392d74f5a99301c537b4e843e8c9d66e
- SHA1
  
  5dd51ccefc6f45fe3fc5e26b4986227a70749e1e
- SHA256
  
  006c93dbcc3938755328928bf3d8e94684de290fe3bf0cbfacdf0448ed0b96ed
- SHA512
  
  d46e68007fd624624e1b8b8540d5d1f071e29100a7b2bd872f76d4979b5003eee92f0543ee86e2145ce6d5208e22f73cf47e1b6659d1818a6690bc773112556e
- SSDEEP
  
  24576:YFzZUezXpkyKbO1zcrSGv/fSx/w9R5JiaUsuwfArXCsqm7q5y03+clm1SaCanwm5:6ZUmpIypcOGXfS6NwpSArhuaAhanwf
Score

10^/10

raccoon a1c82a612810c69701f8c72096e6a567 stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

raccoona1c82a612810c69701f8c72096e6a567stealer

behavioral2

raccoona1c82a612810c69701f8c72096e6a567stealer