General
-
Target
f1944fc43d62db9057d45b21ce20af85ad848da4ca3c4bae33ac3c88e05242cf
-
Size
2.5MB
-
Sample
221016-hcza7aghbj
-
MD5
823f991f3695eef217a51c51f2c701a9
-
SHA1
6bdac4bea7c88d81e4220d118ce593bacf96fb11
-
SHA256
f1944fc43d62db9057d45b21ce20af85ad848da4ca3c4bae33ac3c88e05242cf
-
SHA512
83137543abc7ac9e27b6ee7b7291ad7d62180e03f22e017efa397e826de521d4b8cfd30086384a14d2107db75b9514495dd4437d13e79112d831deec69f7f905
-
SSDEEP
24576:yKsoZcouIWCfRKY0YSY0YuCfZMDYJYLdtZ8tZvKs9CCDh/fj6Ll8VOSl3RuQ553/:yHoZOYRKspzCCDh/fj6Ol3D
Malware Config
Extracted
raccoon
ce21570f8b07f4e68bfb7f44917635b1
http://77.73.133.7/
Targets
-
-
Target
f1944fc43d62db9057d45b21ce20af85ad848da4ca3c4bae33ac3c88e05242cf
-
Size
2.5MB
-
MD5
823f991f3695eef217a51c51f2c701a9
-
SHA1
6bdac4bea7c88d81e4220d118ce593bacf96fb11
-
SHA256
f1944fc43d62db9057d45b21ce20af85ad848da4ca3c4bae33ac3c88e05242cf
-
SHA512
83137543abc7ac9e27b6ee7b7291ad7d62180e03f22e017efa397e826de521d4b8cfd30086384a14d2107db75b9514495dd4437d13e79112d831deec69f7f905
-
SSDEEP
24576:yKsoZcouIWCfRKY0YSY0YuCfZMDYJYLdtZ8tZvKs9CCDh/fj6Ll8VOSl3RuQ553/:yHoZOYRKspzCCDh/fj6Ol3D
Score10/10-
Raccoon
Raccoon is an infostealer written in C++ and first seen in 2019.
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-