raccoon | aba176220478b64db54ec6caf7cc46df9703c32e94273aa0368fbe65ce6f5aa6

Analysis

max time kernel
133s
max time network
136s
platform
windows10-2004_x64
resource
win10v2004-20220901-en
resource tags

arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
submitted
31-01-2023 14:53

Target

file.exe
Size

294KB
MD5

230d9421f84f0be0a8bbe86bd03e9629
SHA1

8e04318e54e37e23625a608daf39fe058c02690d
SHA256

aba176220478b64db54ec6caf7cc46df9703c32e94273aa0368fbe65ce6f5aa6
SHA512

d746a21a3083062ab1a8fe8594135b586403ff1de50ada3a65a85555464dc49d4a94a471ea5a9a6cb675e353fe53797950bb53aaee7752a418bf6a7f3def3f54
SSDEEP

3072:Y6uIHYbCLpB7R4WQh57U+RUySs3nci7iEOp8c0ADHS7f43H7BFhiAIBRCDR1:sOYbCLpAWQjzRjb3ceku6S7f4VRIj

Score

10^/10

Family

raccoon

Botnet

960d8047e2829c4b87de991d706e2490

http://45.15.156.209/

rc4.plain

Raccoon
Raccoon is an infostealer written in C++ and first seen in 2019.
stealer raccoon
Downloads MZ/PE file

C:\Users\Admin\AppData\Local\Temp\file.exe
"C:\Users\Admin\AppData\Local\Temp\file.exe"
1⤵
PID:4828

memory/4828-132-0x0000000000559000-0x000000000056F000-memory.dmp

Filesize
88KB

Download
memory/4828-133-0x0000000000500000-0x000000000051C000-memory.dmp

Filesize
112KB

Download
memory/4828-134-0x0000000000400000-0x0000000000463000-memory.dmp

Filesize
396KB

Download
memory/4828-135-0x0000000000559000-0x000000000056F000-memory.dmp

Filesize
88KB

Download
memory/4828-136-0x0000000000400000-0x0000000000463000-memory.dmp

Filesize
396KB

Download