General
-
Target
d90f96aa27e90b9884d37ae452272e08a1e65405dd216ca000edbd3541381641
-
Size
2.5MB
-
Sample
221017-1z4tasddd7
-
MD5
98bb77be0218bae48ed9b2647aafa2f3
-
SHA1
357f88867103b89cbc41293f60a2f7e7829af206
-
SHA256
d90f96aa27e90b9884d37ae452272e08a1e65405dd216ca000edbd3541381641
-
SHA512
9e34f59683500fc2cb4f6c4831fdf2662707f87fa297659f5cafaa0e2ed5556793601dfc7fd195ef7d0ac5de1af268e226787c2bdbc2df5802b9b5231b20a2e9
-
SSDEEP
24576:nzww4MA8/R3BL7o+w0Y1Yj002XLMw96KZd2B8Z0b5bpD62vI/H/313LrXC79lyOy:nZAAnL7o+awbFI/H/313nofl38
Malware Config
Extracted
raccoon
ce21570f8b07f4e68bfb7f44917635b1
http://77.73.133.7/
Targets
-
-
Target
d90f96aa27e90b9884d37ae452272e08a1e65405dd216ca000edbd3541381641
-
Size
2.5MB
-
MD5
98bb77be0218bae48ed9b2647aafa2f3
-
SHA1
357f88867103b89cbc41293f60a2f7e7829af206
-
SHA256
d90f96aa27e90b9884d37ae452272e08a1e65405dd216ca000edbd3541381641
-
SHA512
9e34f59683500fc2cb4f6c4831fdf2662707f87fa297659f5cafaa0e2ed5556793601dfc7fd195ef7d0ac5de1af268e226787c2bdbc2df5802b9b5231b20a2e9
-
SSDEEP
24576:nzww4MA8/R3BL7o+w0Y1Yj002XLMw96KZd2B8Z0b5bpD62vI/H/313LrXC79lyOy:nZAAnL7o+awbFI/H/313nofl38
Score10/10-
Raccoon
Raccoon is an infostealer written in C++ and first seen in 2019.
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-