General
-
Target
731f898853226cfc19744ce4fda47bbf3b742f364b4962ba3b235260bbefeb46
-
Size
2.5MB
-
Sample
221016-hjlcxaghcl
-
MD5
68cff806dd94ccac7aed715066e2dcab
-
SHA1
5ced0dde3354027b79bfd8b6a19545a64b99dfcf
-
SHA256
731f898853226cfc19744ce4fda47bbf3b742f364b4962ba3b235260bbefeb46
-
SHA512
55fa646e7f52b2c2baa1f23a2725f2ecbe121281f52f97f195ce560be22d410a9ff20836b0c6680d4f1eb7187644ecf88beb22b802cf5371418a7d08d36ae83b
-
SSDEEP
24576:9lrJ5wsOjflMYKY0YSY0YuCfZMDYJYLdtZ8tZvE/KCDh/fj6LXYp2Gl3RuQ5531g:9RojWYKspnCDh/fj6gl3O
Malware Config
Extracted
raccoon
ce21570f8b07f4e68bfb7f44917635b1
http://77.73.133.7/
Targets
-
-
Target
731f898853226cfc19744ce4fda47bbf3b742f364b4962ba3b235260bbefeb46
-
Size
2.5MB
-
MD5
68cff806dd94ccac7aed715066e2dcab
-
SHA1
5ced0dde3354027b79bfd8b6a19545a64b99dfcf
-
SHA256
731f898853226cfc19744ce4fda47bbf3b742f364b4962ba3b235260bbefeb46
-
SHA512
55fa646e7f52b2c2baa1f23a2725f2ecbe121281f52f97f195ce560be22d410a9ff20836b0c6680d4f1eb7187644ecf88beb22b802cf5371418a7d08d36ae83b
-
SSDEEP
24576:9lrJ5wsOjflMYKY0YSY0YuCfZMDYJYLdtZ8tZvE/KCDh/fj6LXYp2Gl3RuQ5531g:9RojWYKspnCDh/fj6gl3O
Score10/10-
Raccoon
Raccoon is an infostealer written in C++ and first seen in 2019.
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-