raccoon | 7290c829766822b7e0a178357567de509be110ea8fc3cab0cfa9188782a81668 | Triage

Sharing

General

Target

24085f579497e4adda77ea8e3101efe4.bin
Size

6.0MB
Sample

230130-qgfzeaae29
MD5

92260131cf744ad3755e14e4ed905bfa
SHA1

7e5fb613e957aed0a43c2e77a94332d54b8cd4db
SHA256

7290c829766822b7e0a178357567de509be110ea8fc3cab0cfa9188782a81668
SHA512

189a83c0883446ea25ba4b022510aa68b6184280e824cb6e9fd5a251926bfbd4c6b9f7308cfc7d1620f2b7381a4260e8a64a0be51f90be543929135cdcf45a71
SSDEEP

98304:8lSx7l9O+DZGJ4R0+aeYUuulWUU0GJdJaCFpPjGamvA3KL9ojz5kG52sUIaE9wLT:gS7kKZQ4eTeiulNK3pbj7+Gz5z2sUGwX

Score

10^/10

raccoon 5c28acbbf9d03405995950480f1c9638 stealer

Malware Config

Extracted

Family

raccoon

Botnet

5c28acbbf9d03405995950480f1c9638

C2

http://193.149.187.53/

rc4.plain

Targets

- Target
  
  e7f78e22526692e61b0df20f2f6a7d22918d6b8ed0d8489db583a0e60952ff67.exe
- Size
  
  6.2MB
- MD5
  
  24085f579497e4adda77ea8e3101efe4
- SHA1
  
  fe29633a73efe06ffed1954be236aa9e49e2a762
- SHA256
  
  e7f78e22526692e61b0df20f2f6a7d22918d6b8ed0d8489db583a0e60952ff67
- SHA512
  
  332a558c0264bfe9b09a630fa9d9637742df0933540defc933ec00a43556eaa74e1b3f996edacd95bf0b98bb905481144dc7815777126bfdfa5815e1a5bbe3bc
- SSDEEP
  
  98304:2d+HKGRyh0wuVmd1USdtQ1TdEHSHBbmXLXKDSxWdyzxN0ARU6CjvpGbSrvLCoWwj:2UM8s+GoBbCXDxPxNaNGb6L31
Score

10^/10

raccoon 5c28acbbf9d03405995950480f1c9638 stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

raccoon5c28acbbf9d03405995950480f1c9638stealer