raccoon | baa1661c6a590204e4e87e5ab7c5ed622c988f28d9c4ccf72a5db2883dc8c47e | Triage

Sharing

General

Target

4c9e48dcb47c4b46eca3a51605c71d2d.exe
Size

6.6MB
Sample

221211-kz1tmsbd7w
MD5

4c9e48dcb47c4b46eca3a51605c71d2d
SHA1

581847ba15f650291ebc111e95ed938476d16090
SHA256

baa1661c6a590204e4e87e5ab7c5ed622c988f28d9c4ccf72a5db2883dc8c47e
SHA512

99932cb133e382a3416e56690b4ab670f7d279e466abbb50f562705f41d8cf1ef4547357c8e310d7358c4de5c47b201d6e573426f8ef0912e9c03deee5314ec0
SSDEEP

98304:AM68t9dyfez1NP8+uuN7PYotBe4oqPjKWOw4WqcCFlwdlSIn2wnwb2b:m8ndya1NU+d7FLFVnKen2

Score

10^/10

raccoon 7394a7fc5da9794209d8b0503ca4abf4 stealer

Malware Config

Extracted

Family

raccoon

Botnet

7394a7fc5da9794209d8b0503ca4abf4

C2

http://45.8.145.203

rc4.plain

Targets

- Target
  
  4c9e48dcb47c4b46eca3a51605c71d2d.exe
- Size
  
  6.6MB
- MD5
  
  4c9e48dcb47c4b46eca3a51605c71d2d
- SHA1
  
  581847ba15f650291ebc111e95ed938476d16090
- SHA256
  
  baa1661c6a590204e4e87e5ab7c5ed622c988f28d9c4ccf72a5db2883dc8c47e
- SHA512
  
  99932cb133e382a3416e56690b4ab670f7d279e466abbb50f562705f41d8cf1ef4547357c8e310d7358c4de5c47b201d6e573426f8ef0912e9c03deee5314ec0
- SSDEEP
  
  98304:AM68t9dyfez1NP8+uuN7PYotBe4oqPjKWOw4WqcCFlwdlSIn2wnwb2b:m8ndya1NU+d7FLFVnKen2
Score

10^/10

raccoon 7394a7fc5da9794209d8b0503ca4abf4 stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

raccoon7394a7fc5da9794209d8b0503ca4abf4stealer

behavioral2

raccoon7394a7fc5da9794209d8b0503ca4abf4stealer