General

  • Target

    8398d51e744bb833d67df9fcef681f25a55a0ac313d68a5c8a23c19182cc6d27.rar

  • Size

    6.5MB

  • Sample

    230124-m13qqscb2w

  • MD5

    2fd530209afece34a195585e9b01be91

  • SHA1

    793f065aa751599b5c243b9b9121a1edc10c612f

  • SHA256

    8398d51e744bb833d67df9fcef681f25a55a0ac313d68a5c8a23c19182cc6d27

  • SHA512

    60ea31a679a57409b2ac728d4035500825181600f4643cbf74abccf868a7364a13dfa71ec9299fe5082111dfe7a1268f68db26d02894463d4626c6ed0bb5ea65

  • SSDEEP

    98304:opqmR1+kWyc8vIGAJW5opwBpTdVu2MhymM8MjeyCYlqTzi44pYP1twjP7:lM19c8AJWowBd3u2MhymMjemqvB4qPq

Malware Config

Extracted

  • Family

    raccoon

  • Botnet

    1269ed6cdc166a49ecc72e46095cface

  • C2

    http://79.137.197.160/

    http://79.137.197.190/

  • rc4.plain

Targets

    • Target

      Setup.exe

    • Size

      726.7MB

    • MD5

      2d60d7a1d5a318428f0174cb11fd6a2a

    • SHA1

      3e1f2ed3c74258886e64b88e4787391d01138009

    • SHA256

      e1bfff83d45e1d31c9e9cb3d2640d645aa9ab8c9ca70fff576b3926777bf846e

    • SHA512

      0efd1f26c590044ad758b8c78081acfb79c70244947ae891a984807e7f446fd5f6e4933fd0831cd76b915cf78406b0b57d8b9d03c5ff0b4a67f42531c1ce5746

    • SSDEEP

      98304:cCTD5Mri+t9nwDlFQveHwXrgG/IXZMXr6vU2EsQ6I/VFdrQTg8MStd+O7ANXbmE5:E209w5Weu7/4uOvU6nCVQTjld+OkNLtj

    • Raccoon

      Raccoon is an infostealer written in C++ and first seen in 2019.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Matrix

Tasks