raccoon | ce85db03754bb4c233147c1613428191696dcf3225acc172882fad554f96ddfd

Analysis

max time kernel
149s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
29-01-2023 21:15

Target

ce85db03754bb4c233147c1613428191696dcf3225acc172882fad554f96ddfd.exe
Size

464KB
MD5

66a0da1cb32c4b677e7f8457985db36b
SHA1

853d021825792251ee506fffdfbb1928fc72a6d8
SHA256

ce85db03754bb4c233147c1613428191696dcf3225acc172882fad554f96ddfd
SHA512

ab4ceef701cd85f77eb26f296d06a370a85bcf6da37d6e3d48d3a62af4b2ca7ee33e6d2fb3c56d1d089716ddfa650506a8e1b2ce00a3ff90b8caf8e283e72aca
SSDEEP

12288:wR0OI2gEOnrQd+KHkGV4Xi1pmN0O6AmdFlE3BIFVyO:wMEmrQkKHkGV4Xi1wN0O6AmTl4BI7Z

Score

10^/10

Family

raccoon

Version

1.7.2

Botnet

9ba64f4b6fe448911470a88f09d6e7d5b92ff0ab

Attributes

rc4.plain

Raccoon
Raccoon is an infostealer written in C++ and first seen in 2019.
stealer raccoon

Raccoon Stealer payload 2 IoCs

Processes:

resource	yara_rule
behavioral2/memory/4464-133-0x0000000000D30000-0x0000000000DC2000-memory.dmp	family_raccoon
behavioral2/memory/4464-134-0x0000000000400000-0x000000000086E000-memory.dmp	family_raccoon

C:\Users\Admin\AppData\Local\Temp\ce85db03754bb4c233147c1613428191696dcf3225acc172882fad554f96ddfd.exe
"C:\Users\Admin\AppData\Local\Temp\ce85db03754bb4c233147c1613428191696dcf3225acc172882fad554f96ddfd.exe"
1⤵
PID:4464

memory/4464-132-0x0000000000B47000-0x0000000000B98000-memory.dmp

Filesize
324KB

Download
memory/4464-133-0x0000000000D30000-0x0000000000DC2000-memory.dmp

Filesize
584KB

Download
memory/4464-134-0x0000000000400000-0x000000000086E000-memory.dmp

Filesize
4.4MB

Download