raccoon | 9492642ad34ae6774b07ed2f5835ca95d2b4d555bb17afa090de9cd5965cb41d | Triage

Sharing

General

Target

Use_54321_As_Pass.rar
Size

2.2MB
Sample

230202-vxajsadc84
MD5

81a0d2d1981579eef73a92a9e17872c1
SHA1

a84c2099e6bbcb1120bf5ae243fdf96bd3847fb0
SHA256

9492642ad34ae6774b07ed2f5835ca95d2b4d555bb17afa090de9cd5965cb41d
SHA512

2f0e7cad2ef45e825364a11fb5e8707c34e28a80b7a1c85dba6f346a0f3175eaf405970a52f2e8615129272bdf992bb4be2a066c5c3ecc9613ff740de47dfea1
SSDEEP

49152:j7mFF+J6ia/RGbZdzzQQ+O+3eqjTTVY38wVKM1+hjUCLgsR:wF+PECz+Reqj3CskKMsJ5x

Score

10^/10

raccoon 697fc5d9af6aa2a29510779d2fc54b97 stealer

Malware Config

Extracted

Family

raccoon

Botnet

697fc5d9af6aa2a29510779d2fc54b97

C2

http://83.217.11.27/

http://83.217.11.28/

rc4.plain

Targets

- Target
  
  Setup.exe
- Size
  
  464.2MB
- MD5
  
  b7acc6f593be4c46139172e407cd8a31
- SHA1
  
  c5da8ad87b48c9fb91737adcecb96c2b8f080d3f
- SHA256
  
  51f5d6c6f04596d1911c8b8c400b4c358f31c24f68e15a88b92532d96350f2b2
- SHA512
  
  0462ad8c7da7bad9b9a6e4c1814b12f78c7b927fe29265ef4ae5f7569930aebbe683bad6b206fcea2591b3d37031cf67cef64bdeb5de90edcf92c2caa3894827
- SSDEEP
  
  24576:0H/uo6PLM7WzcR9IMfmBm8Cvbgu7hkLXsZyJp:a104RjOt8A86
Score

10^/10

raccoon 697fc5d9af6aa2a29510779d2fc54b97 stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

raccoon697fc5d9af6aa2a29510779d2fc54b97stealer

behavioral2

raccoon697fc5d9af6aa2a29510779d2fc54b97stealer