Overview

overview

10

Static

static

1

Ableton Li...er.exe

windows7-x64

1

Ableton Li...er.exe

windows10-2004-x64

10

Ableton Li...er.exe

windows7-x64

1

Ableton Li...er.exe

windows10-2004-x64

10

Ableton.Ll...er.exe

windows7-x64

1

Ableton.Ll...er.exe

windows10-2004-x64

10

Ableton.Ll...te.exe

windows7-x64

1

Ableton.Ll...te.exe

windows10-2004-x64

10

Ableton.Ll...en.exe

windows7-x64

8

Ableton.Ll...en.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    64s
  • max time network
    141s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    27-01-2023 11:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Ableton Live 11 Suite Installer.exe

  • Size

    6.3MB

  • MD5

    05517715339d0202753043b809857877

  • SHA1

    c3295ef7bfe8f474d468fa39ed67c65b66733163

  • SHA256

    9a79efd66dafa62b75f8dfb77defa5ce06858c6501dbcc90930a959827583271

  • SHA512

    75a125fe5fa11cba0b6d0545b5fdce3b0e0360dc4d3b2c10ee8d2bed81af31566f9f05dc02b6c5343257f4e8ad6f6b9ed0fae429b42682923999be2cd96c9d9b

  • SSDEEP

    196608:xmD/cRu3LyA8OYtgd/bS/4jqJK7nmLAqq:xmq5KjS/ojnB

Score
10/10
raccoon4ee4e2ee5aa36d394f5d44408a602375stealer

Malware Config

Extracted

Family

raccoon

Botnet

4ee4e2ee5aa36d394f5d44408a602375

C2

http://168.119.60.182/

rc4.plain

Signatures

  • Raccoon

    Raccoon is an infostealer written in C++ and first seen in 2019.

    stealerraccoon
  • Suspicious use of NtSetInformationThreadHideFromDebugger 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Ableton Live 11 Suite Installer.exe
    "C:\Users\Admin\AppData\Local\Temp\Ableton Live 11 Suite Installer.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious behavior: EnumeratesProcesses
    PID:2504

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2504-132-0x0000000000400000-0x0000000000DAF000-memory.dmp
    Filesize

    9.7MB

    Download
  • memory/2504-134-0x0000000000400000-0x0000000000DAF000-memory.dmp
    Filesize

    9.7MB

    Download
  • memory/2504-135-0x0000000000400000-0x0000000000DAF000-memory.dmp
    Filesize

    9.7MB

    Download
  • memory/2504-136-0x0000000000400000-0x0000000000DAF000-memory.dmp
    Filesize

    9.7MB

    Download