Overview

overview

10

Static

static

10

312-136-0x...ry.exe

windows7-x64

1

312-136-0x...ry.exe

windows10-2004-x64

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    312-136-0x0000000000400000-0x0000000000412000-memory.dmp

  • Size

    72KB

  • Sample

    221126-tvmkwsbd5x

  • MD5

    1c535fdd8bbd9cc5bdb3363c661c2d27

  • SHA1

    c37d4583c7566ade2d56cb9fd29535a1cf81a72d

  • SHA256

    4f184664585ba8e788ad17dea1570c5167176254c1d597234867e702249345cb

  • SHA512

    637c734f0c40609351d82e74cbf60682f0d0b251f1b034b56a3ccc2feec3a1d31d7a2f140b61839601c538d3977c43a628b0ddc3cbe65ce72e28296c8ef476f4

  • SSDEEP

    768:dxVfxVAXFOKEca8dzVRW3Wcb9JhL7OxDZ8m4aUe7vST0o+EnauyZ68nkG8qj:/Vp01Eca2zL+9HhLUDZ83BT0o23198

Score
10/10
raccoon5d704573a0f97fb52a93667085c18b77

Malware Config

Extracted

Family

raccoon

Botnet

5d704573a0f97fb52a93667085c18b77

C2

http://193.106.191.150/

rc4.plain

Targets

    • Target

      312-136-0x0000000000400000-0x0000000000412000-memory.dmp

    • Size

      72KB

    • MD5

      1c535fdd8bbd9cc5bdb3363c661c2d27

    • SHA1

      c37d4583c7566ade2d56cb9fd29535a1cf81a72d

    • SHA256

      4f184664585ba8e788ad17dea1570c5167176254c1d597234867e702249345cb

    • SHA512

      637c734f0c40609351d82e74cbf60682f0d0b251f1b034b56a3ccc2feec3a1d31d7a2f140b61839601c538d3977c43a628b0ddc3cbe65ce72e28296c8ef476f4

    • SSDEEP

      768:dxVfxVAXFOKEca8dzVRW3Wcb9JhL7OxDZ8m4aUe7vST0o+EnauyZ68nkG8qj:/Vp01Eca2zL+9HhLUDZ83BT0o23198

    Score
    5/10

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks