Overview

overview

10

Static

static

Setup.exe

windows7-x64

1

Setup.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Setup.exe

  • Size

    6.7MB

  • Sample

    230124-b89y8shh7x

  • MD5

    881e1bd632cd181c1853bd590e668f4a

  • SHA1

    6ce4d1f915006cb76c1a4a5c3bc6abcd3a4fd890

  • SHA256

    973f558936e9cd63c00eba6da49d86b6f34f3e0af54a314356d6271faa328745

  • SHA512

    0625e33c2c5124aad2e920f0e8a512cb0be9e2876dfbaa218abfc67eb16b88b57f25a9af421c2cc78d23e6ed7288d3fc7f2fe03d1e70cb8d34ace0136b5b238b

  • SSDEEP

    98304:cCTD5Mri+t9nwDlFQveHwXrgG/IXZMXr6vU2EsQ6I/VFdrQTg8MStd+O7ANXbmEr:E209w5Weu7/4uOvU6nCVQTjld+OkNLtJ

Score
10/10
raccoon1269ed6cdc166a49ecc72e46095cfacestealer

Malware Config

Extracted

Family

raccoon

Botnet

1269ed6cdc166a49ecc72e46095cface

C2

http://79.137.197.160/

http://79.137.197.190/
rc4.plain

Targets

    • Target

      Setup.exe

    • Size

      6.7MB

    • MD5

      881e1bd632cd181c1853bd590e668f4a

    • SHA1

      6ce4d1f915006cb76c1a4a5c3bc6abcd3a4fd890

    • SHA256

      973f558936e9cd63c00eba6da49d86b6f34f3e0af54a314356d6271faa328745

    • SHA512

      0625e33c2c5124aad2e920f0e8a512cb0be9e2876dfbaa218abfc67eb16b88b57f25a9af421c2cc78d23e6ed7288d3fc7f2fe03d1e70cb8d34ace0136b5b238b

    • SSDEEP

      98304:cCTD5Mri+t9nwDlFQveHwXrgG/IXZMXr6vU2EsQ6I/VFdrQTg8MStd+O7ANXbmEr:E209w5Weu7/4uOvU6nCVQTjld+OkNLtJ

    Score
    10/10
    raccoon1269ed6cdc166a49ecc72e46095cfacestealer

    • Raccoon

      Raccoon is an infostealer written in C++ and first seen in 2019.

      stealerraccoon

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks