Overview

overview

10

Static

static

c4c5f46ae1...0b.exe

windows7-x64

10

c4c5f46ae1...0b.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    148s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
  • submitted
    21/11/2022, 10:58

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    c4c5f46ae144945f7f557f2dafda9321ddff6501dfd2b938512c496b73e3940b.exe

  • Size

    7.2MB

  • MD5

    a3a28f604516c08d47b1fff38899b58b

  • SHA1

    40ecd4d51a4fe5162b59408ad5c51a88c4a83495

  • SHA256

    c4c5f46ae144945f7f557f2dafda9321ddff6501dfd2b938512c496b73e3940b

  • SHA512

    c4491a201580371a859cfeebdec1fe43fa6fe9c95cdf127e686c974d8866717f3a0828a7734c76df0120a4635e1606538c88dd16ccbcb26ff4208f575754c652

  • SSDEEP

    196608:DDboi8HWXAoZkdJh1nf51OHeR8f3RuOxrAKBZ7VrZ:DfoiKWwoCjH1OHQq3Ruq0WZB

Score
10/10
raccooned21f92a8447e78ab0592dc4722f2dddstealer

Malware Config

Extracted

Family

raccoon

Botnet

ed21f92a8447e78ab0592dc4722f2ddd

C2

http://46.249.58.152/

rc4.plain

Signatures

  • Raccoon

    Raccoon is an infostealer written in C++ and first seen in 2019.

    stealerraccoon
  • Raccoon Stealer payload 4 IoCs
  • Suspicious use of NtSetInformationThreadHideFromDebugger 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c4c5f46ae144945f7f557f2dafda9321ddff6501dfd2b938512c496b73e3940b.exe
    "C:\Users\Admin\AppData\Local\Temp\c4c5f46ae144945f7f557f2dafda9321ddff6501dfd2b938512c496b73e3940b.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious behavior: EnumeratesProcesses
    PID:756

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/756-132-0x0000000000270000-0x0000000000D7C000-memory.dmp

          Filesize

          11.0MB

          Download

        • memory/756-133-0x0000000000270000-0x0000000000D7C000-memory.dmp

          Filesize

          11.0MB

          Download

        • memory/756-135-0x0000000000270000-0x0000000000D7C000-memory.dmp

          Filesize

          11.0MB

          Download

        • memory/756-136-0x0000000000270000-0x0000000000D7C000-memory.dmp

          Filesize

          11.0MB

          Download