General
-
Target
10b35b0a00b3ac1d6f054e7725d631ef.exe
-
Size
328KB
-
Sample
221002-gm124abag9
-
MD5
10b35b0a00b3ac1d6f054e7725d631ef
-
SHA1
848aaa630439851a739c0a323b8f6505f23ecf1d
-
SHA256
9864bde6be2d10c1a5c0e00bb99dc640bf3c955ab0be9dd4529c50d48cb58eb7
-
SHA512
54123311506c8b77adada920d04235f2e362b8cd9b1f62ab8dbf73a511ea167776ca5b456bdbec3a2a3a14e259b3397a3dd3e21c45eb1c575d86c3e6a82a9481
-
SSDEEP
6144:M7vxRKWegP6hIny3hkUFUUUUUU20OBvcf0XYnigabwVfs:M7p9eedny3hkyAU6YiB
Malware Config
Extracted
raccoon
846ce8cfbc755d6bc48111cd9e1e0ad0
http://94.131.97.33/
http://45.142.215.91/
Targets
-
-
Target
10b35b0a00b3ac1d6f054e7725d631ef.exe
-
Size
328KB
-
MD5
10b35b0a00b3ac1d6f054e7725d631ef
-
SHA1
848aaa630439851a739c0a323b8f6505f23ecf1d
-
SHA256
9864bde6be2d10c1a5c0e00bb99dc640bf3c955ab0be9dd4529c50d48cb58eb7
-
SHA512
54123311506c8b77adada920d04235f2e362b8cd9b1f62ab8dbf73a511ea167776ca5b456bdbec3a2a3a14e259b3397a3dd3e21c45eb1c575d86c3e6a82a9481
-
SSDEEP
6144:M7vxRKWegP6hIny3hkUFUUUUUU20OBvcf0XYnigabwVfs:M7p9eedny3hkyAU6YiB
Score10/10-
Raccoon
Raccoon is an infostealer written in C++ and first seen in 2019.
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-