raccoon | 3f4ab40f84b5044f436b076024787a62f5444ab3549f49f8460ca6a72f949d00 | Triage

Resubmissions

13/01/2023, 12:35

230113-pshfyagh56 10

10/01/2023, 12:21

230110-pjc5vsfh98 5

Sharing

General

Target

Use_44744_As_Passw0rd.rar
Size

1.5MB
Sample

230113-pshfyagh56
MD5

fefe55558eabd52fc8478b086b1c7a16
SHA1

84012fc90afbaa6db140f38ef7eb681fbfab2924
SHA256

3f4ab40f84b5044f436b076024787a62f5444ab3549f49f8460ca6a72f949d00
SHA512

bb184f6ebf687e31b98e002f1c38aa0f404a3910724990b5c323fc2e28c857a1dc0844d991595d8fb39b5cce63f661e44ac916022ad07eab75aaf41bfc70c7fc
SSDEEP

24576:1CmznfJFCeet4PwTjx1QC6R12FX5Tc0xqookGvyqjbBjnQ4Ia:06nRFotI6xOR1200PMvFbxQ4F

Score

10^/10

raccoon 3f5dbd517c907491b1a8f780714018c7 stealer

Malware Config

Extracted

Family

raccoon

Botnet

3f5dbd517c907491b1a8f780714018c7

C2

http://94.131.98.88/

rc4.plain

Targets

- Target
  
  Setup.exe
- Size
  
  450.0MB
- MD5
  
  cb2b683c08069259a1ad4eaa829cfeb4
- SHA1
  
  acae6f70cf1e360bb3656e936c45ca14d448f8c1
- SHA256
  
  0f08546b9b68ffd107a9bfb61985f1f07b7418e8a78b73eec441f8bbf2396de7
- SHA512
  
  7741c2e7ed7b62e930be73f1a49a17019ecd36a84bde628b50dd055d6e2940938f089f8c272a4a578af1db569b7ff702744d87762ea5fac1cbc019320b062e03
- SSDEEP
  
  24576:+S02yH58BY5FHoJhxIeeE98PKmyChWjzbyqo53xre6:o5t51pWkSyqo5Y
Score

10^/10

raccoon 3f5dbd517c907491b1a8f780714018c7 stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

raccoon3f5dbd517c907491b1a8f780714018c7stealer

behavioral2

raccoon3f5dbd517c907491b1a8f780714018c7stealer