raccoon | 8aa98f87e7d6ebc36689a7436795ec85a6b286e4c298ea82bc6f127ff98d0393 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8aa98f87e7d6ebc36689a7436795ec85a6b286e4c298ea82bc6f127ff98d0393.exe
Size

214KB
Sample

221018-hdfkgaege9
MD5

36e4d1890a886e569b873e4385ae7833
SHA1

3764977cc90cb586131de0bb30921e131e6221e4
SHA256

8aa98f87e7d6ebc36689a7436795ec85a6b286e4c298ea82bc6f127ff98d0393
SHA512

e1e0d010c0724419f6e719dc03e4623be0a95fca232e7d4114b583a9794bc8d73b7f56e45a75555bff55a00dd33736b8329f5d82a3f0f08fd21a8806778f1ec9
SSDEEP

3072:3XpJF4LeFkAIZR6LGZ5AeuWbJWkp9cIiz3TjPRXPn0KNQ6:nWLeF7LGvJX7O3Tpn0qQ6

Score

10^/10

raccoon 63267bc2317b9849c2d512a4e16b0f3b stealer

Malware Config

Extracted

Family

raccoon

Botnet

63267bc2317b9849c2d512a4e16b0f3b

C2

http://shettester1000.com/

rc4.plain

Targets

- Target
  
  8aa98f87e7d6ebc36689a7436795ec85a6b286e4c298ea82bc6f127ff98d0393.exe
- Size
  
  214KB
- MD5
  
  36e4d1890a886e569b873e4385ae7833
- SHA1
  
  3764977cc90cb586131de0bb30921e131e6221e4
- SHA256
  
  8aa98f87e7d6ebc36689a7436795ec85a6b286e4c298ea82bc6f127ff98d0393
- SHA512
  
  e1e0d010c0724419f6e719dc03e4623be0a95fca232e7d4114b583a9794bc8d73b7f56e45a75555bff55a00dd33736b8329f5d82a3f0f08fd21a8806778f1ec9
- SSDEEP
  
  3072:3XpJF4LeFkAIZR6LGZ5AeuWbJWkp9cIiz3TjPRXPn0KNQ6:nWLeF7LGvJX7O3Tpn0qQ6
Score

10^/10

raccoon 63267bc2317b9849c2d512a4e16b0f3b stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

raccoon63267bc2317b9849c2d512a4e16b0f3bstealer

behavioral2

raccoon63267bc2317b9849c2d512a4e16b0f3bstealer