General

  • Target

    1Setup.exe.malware

  • Size

    6.8MB

  • Sample

    230114-ra56dsch4w

  • MD5

    cbf99cf175c98088228ce2914c2b3354

  • SHA1

    c60a26e0c3f3afde5fb7ad13706e1dbb7ab5431e

  • SHA256

    6c686f0aa76776489fd29b2777c77a9a3011c67bb67ccfe17b1ed264c8d5591a

  • SHA512

    d0d1a0eeeef8c36e63c710835508caa436a361dfbb4da6878941da5c5d15b838820ddaeaaf762ecb2e27adc2b15f9a419ea0b13901bdad45e0e5f9d1ef6a455e

  • SSDEEP

    98304:7dEPYMOo5jW4WF7KhlKBLaNi54hqjzB0gbY+ApQJMQZCWpn4XAWwLYOgLe89i:KPYMVna7GK6i54hqjqmA6dn4XA9YO8dc

Malware Config

Extracted

Family

raccoon

Botnet

0eceb3d1f21f3ea1b454c7f4a9867731

C2

http://146.70.86.11/

http://69.46.15.158/

rc4.plain (RC4 key the sample carries in plaintext and uses to decrypt its strings; the key value itself is not shown here)
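The config above was recovered by finding the plaintext RC4 key in the binary and decrypting the strings that hold the botnet ID and C2 list. The following is an added example of that workflow, not the report's or the extractor's code: it implements RC4 (KSA and PRGA) and pulls a botnet ID and C2 URLs out of a constructed blob. The blob layout (key, NUL, 2-byte length, ciphertext), the '|' separator and the key `demokey` are assumptions made for the illustration, not Raccoon's real string format or this sample's key; the botnet ID and URLs are the ones reported on this page.

```python
"""RC4 recovery of a Raccoon-style config from a constructed blob.

Added example, not the report's or the extractor's own code. The blob layout
(key, NUL, 2-byte big-endian length, ciphertext) and the '|' field separator
are assumptions for this illustration, not Raccoon's actual string format.
"""
from __future__ import annotations


def rc4(key: bytes, data: bytes) -> bytes:
    """Plain RC4 (KSA + PRGA); encryption and decryption are the same operation."""
    if not key:
        raise ValueError("RC4 key must be non-empty")
    s = list(range(256))
    j = 0
    for i in range(256):                      # key-scheduling algorithm
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for byte in data:                         # pseudo-random generation + XOR
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


# Constructed sample data: hypothetical key (not the sample's real one) and the
# botnet ID plus the two C2 URLs reported for this sample, '|'-separated.
DEMO_KEY = b"demokey"
PLAINTEXT_CONFIG = (
    b"0eceb3d1f21f3ea1b454c7f4a9867731|http://146.70.86.11/|http://69.46.15.158/"
)


def build_blob(key: bytes, config: bytes) -> bytes:
    """Assumed layout: key bytes, NUL terminator, 2-byte length, RC4 ciphertext."""
    if b"\x00" in key:
        raise ValueError("key may not contain NUL under this layout")
    ct = rc4(key, config)
    return key + b"\x00" + len(ct).to_bytes(2, "big") + ct


def extract_config(blob: bytes) -> dict:
    """Locate the plaintext key, decrypt the config and parse it into fields."""
    key, _, rest = blob.partition(b"\x00")
    n = int.from_bytes(rest[:2], "big")
    ct = rest[2:2 + n]
    if len(ct) != n:
        raise ValueError("truncated blob")
    fields = [f.decode("ascii") for f in rc4(key, ct).split(b"|") if f]
    if not fields:
        raise ValueError("empty config after decryption (wrong key?)")
    botnet, urls = fields[0], fields[1:]
    # Sanity checks: a bad key yields garbage rather than these shapes.
    if len(botnet) != 32 or any(c not in "0123456789abcdef" for c in botnet):
        raise ValueError(f"botnet id does not look like a 32-hex id: {botnet!r}")
    for u in urls:
        if not u.startswith(("http://", "https://")):
            raise ValueError(f"unexpected C2 entry after decryption: {u!r}")
    return {"rc4.plain": key.decode("ascii"), "botnet": botnet, "c2": urls}


if __name__ == "__main__":
    blob = build_blob(DEMO_KEY, PLAINTEXT_CONFIG)
    print(extract_config(blob))
```

The shape checks after decryption are what make the routine usable as an extractor: when the wrong key is tried, RC4 still returns bytes, and only the botnet-ID and URL validation tells you the candidate was wrong.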

Targets

    • Target

      1Setup.exe.malware

    • Raccoon

      Raccoon is an infostealer written in C++ and first seen in 2019.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

      The sample calls NtSetInformationThread with ThreadInformationClass ThreadHideFromDebugger (0x11). A thread marked this way no longer delivers debug events to an attached debugger, so breakpoints and single-stepping in it stop working; this is a common anti-analysis technique (MITRE ATT&CK T1622, Debugger Evasion).
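The signature above is produced by watching the sandbox's API trace for that call. The following is an added example, not the sandbox's own signature code, of the same detection logic run over a constructed trace: one JSON object per line with `api`, `args` and `status` keys (that format is an assumption, as is the trace content). It flags NtSetInformationThread with class 0x11 (the hide), also reports NtQueryInformationThread with the same class (a self-check some samples perform), and notes whether the call targeted the current thread (pseudo-handle -2) and whether it succeeded.

```python
"""Flag ThreadHideFromDebugger use in a constructed API-call trace.

Added example, not the sandbox's signature implementation. The trace format
(one JSON object per line: api, args, status) is an assumption.
"""
from __future__ import annotations

import json

THREAD_HIDE_FROM_DEBUGGER = 0x11   # THREADINFOCLASS value used by the technique
NT_CURRENT_THREAD = -2             # NtCurrentThread() pseudo-handle
STATUS_INVALID_HANDLE = 0xC0000008

# Constructed trace: not output captured from the sample. The last call uses
# STATUS_INVALID_HANDLE (0xC0000008) stored as a signed 32-bit value.
SAMPLE_TRACE = "\n".join([
    json.dumps({"api": "NtSetInformationThread",
                "args": {"ThreadHandle": NT_CURRENT_THREAD, "ThreadInformationClass": 0x10},
                "status": 0}),
    json.dumps({"api": "NtSetInformationThread",
                "args": {"ThreadHandle": NT_CURRENT_THREAD, "ThreadInformationClass": 0x11},
                "status": 0}),
    json.dumps({"api": "NtQueryInformationThread",
                "args": {"ThreadHandle": NT_CURRENT_THREAD, "ThreadInformationClass": 0x11},
                "status": 0}),
    json.dumps({"api": "NtSetInformationThread",
                "args": {"ThreadHandle": 0x1F4, "ThreadInformationClass": 0x11},
                "status": STATUS_INVALID_HANDLE - (1 << 32)}),
    "not json at all",
])


def _ntstatus(value: int) -> int:
    """Normalise a possibly signed 32-bit NTSTATUS to its unsigned form."""
    return value & 0xFFFFFFFF


def find_hide_from_debugger(trace: str) -> list[dict]:
    """Return one record per NtSet/QueryInformationThread call with class 0x11."""
    hits: list[dict] = []
    for lineno, line in enumerate(trace.splitlines(), 1):
        try:
            ev = json.loads(line)
        except json.JSONDecodeError:
            continue                      # malformed trace lines are skipped, not fatal
        api = ev.get("api")
        args = ev.get("args") or {}
        if api not in ("NtSetInformationThread", "NtQueryInformationThread"):
            continue
        if args.get("ThreadInformationClass") != THREAD_HIDE_FROM_DEBUGGER:
            continue
        handle = args.get("ThreadHandle")
        status = _ntstatus(int(ev.get("status", 0)))
        hits.append({
            "line": lineno,
            "api": api,
            "action": "hide" if api == "NtSetInformationThread" else "check",
            "thread": "current" if handle == NT_CURRENT_THREAD else f"handle 0x{handle:x}",
            "succeeded": status < 0x80000000,   # NT_SUCCESS: high bit clear
            "status": f"0x{status:08X}",
        })
    return hits


def is_suspicious(trace: str) -> bool:
    """Signature verdict: at least one successful hide on any thread."""
    return any(h["action"] == "hide" and h["succeeded"]
               for h in find_hide_from_debugger(trace))


if __name__ == "__main__":
    for hit in find_hide_from_debugger(SAMPLE_TRACE):
        print(hit)
    print("suspicious:", is_suspicious(SAMPLE_TRACE))
```

Distinguishing the successful hide on the current thread from a failed attempt on a stale handle matters in triage: only the former actually blinds a debugger, so the verdict in `is_suspicious` keys on that.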

MITRE ATT&CK Matrix

Tasks