raccoon | ee3904c92671f362652bfda68d289600a27c92da7b5ab0b65cc32dbbc66bc776 | Triage

Sharing

General

Target

ee3904c92671f362652bfda68d289600a27c92da7b5ab0b65cc32dbbc66bc776.com
Size

1.5MB
Sample

221026-mjxs6afdhq
MD5

27476932165460a89df23f24bc00fff0
SHA1

8aabbdb12a4c6f0a00868163b878e8cc1a25d3a8
SHA256

ee3904c92671f362652bfda68d289600a27c92da7b5ab0b65cc32dbbc66bc776
SHA512

8da659bfbc867633d99b51e1b35de2ad0201da973548c5c937a1aa7611a296cf387701b912ede038bf1479b74b6194f1c2b8796ccda48fc20592d456aaf5161a
SSDEEP

24576:hHVv10WjcOINPF7ZWzYHdA0JdicS3Tjquj7BwVDE5bcjic5VxpTILD2P:hH/0WLI5VrHdTJol3HquXBg+cnj8S

Score

10^/10

raccoon 9b19cf60d9bdf65b8a2495aa965456c3 stealer

Malware Config

Extracted

Family

raccoon

Botnet

9b19cf60d9bdf65b8a2495aa965456c3

C2

http://77.91.123.97/

rc4.plain

Targets

- Target
  
  ee3904c92671f362652bfda68d289600a27c92da7b5ab0b65cc32dbbc66bc776.com
- Size
  
  1.5MB
- MD5
  
  27476932165460a89df23f24bc00fff0
- SHA1
  
  8aabbdb12a4c6f0a00868163b878e8cc1a25d3a8
- SHA256
  
  ee3904c92671f362652bfda68d289600a27c92da7b5ab0b65cc32dbbc66bc776
- SHA512
  
  8da659bfbc867633d99b51e1b35de2ad0201da973548c5c937a1aa7611a296cf387701b912ede038bf1479b74b6194f1c2b8796ccda48fc20592d456aaf5161a
- SSDEEP
  
  24576:hHVv10WjcOINPF7ZWzYHdA0JdicS3Tjquj7BwVDE5bcjic5VxpTILD2P:hH/0WLI5VrHdTJol3HquXBg+cnj8S
Score

10^/10

raccoon 9b19cf60d9bdf65b8a2495aa965456c3 stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

raccoon9b19cf60d9bdf65b8a2495aa965456c3stealer

behavioral2

raccoon9b19cf60d9bdf65b8a2495aa965456c3stealer