raccoon | 0df3404bbe865890b299e8d1d553bdcb85942d6510f73b7e2e541af2d0bfbde3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0df3404bbe865890b299e8d1d553bdcb85942d6510f73b7e2e541af2d0bfbde3
Size

2.6MB
Sample

221101-kbddfaaedm
MD5

85851fe29d05e0f2e16b42449b61b93b
SHA1

9c21341cbd3a2a241ecda27d53259e8fb847a77d
SHA256

0df3404bbe865890b299e8d1d553bdcb85942d6510f73b7e2e541af2d0bfbde3
SHA512

2a64e4e8ed81195331cffa32337d07643662f56c8e4f8719f3c23b581486ca755c040880f5ceb83aa65a7b2e641616bfd540c04bddf1cf206b135e36c012ea3e
SSDEEP

24576:zWk6N1YdEVzQEqLUFWZ7BYFY9m1owGZMqhdskym94buNAJ92UpQbmLc1Hl3RuQ5T:l6DaEVzQ/QWZb2JHT2UpQbmGl3

Score

10^/10

raccoon 48a552198059c516df2b2c17bc69657a stealer

Malware Config

Extracted

Family

raccoon

Botnet

48a552198059c516df2b2c17bc69657a

C2

http://91.209.226.43/

rc4.plain

Targets

- Target
  
  0df3404bbe865890b299e8d1d553bdcb85942d6510f73b7e2e541af2d0bfbde3
- Size
  
  2.6MB
- MD5
  
  85851fe29d05e0f2e16b42449b61b93b
- SHA1
  
  9c21341cbd3a2a241ecda27d53259e8fb847a77d
- SHA256
  
  0df3404bbe865890b299e8d1d553bdcb85942d6510f73b7e2e541af2d0bfbde3
- SHA512
  
  2a64e4e8ed81195331cffa32337d07643662f56c8e4f8719f3c23b581486ca755c040880f5ceb83aa65a7b2e641616bfd540c04bddf1cf206b135e36c012ea3e
- SSDEEP
  
  24576:zWk6N1YdEVzQEqLUFWZ7BYFY9m1owGZMqhdskym94buNAJ92UpQbmLc1Hl3RuQ5T:l6DaEVzQ/QWZb2JHT2UpQbmGl3
Score

10^/10

raccoon 48a552198059c516df2b2c17bc69657a stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

raccoon48a552198059c516df2b2c17bc69657astealer

behavioral2

raccoon48a552198059c516df2b2c17bc69657astealer