raccoon | 952156fe6b02ba6087be739100138cf82bd4afbc0663212911a2307b8bdd0850 | Triage

Sharing

General

Target

file.exe
Size

637KB
Sample

230206-y4ec4aba4v
MD5

eca4feba04eccc06945fbf8473b47fb6
SHA1

50de88877688aa47cbb51d775818e81cc0b2f5aa
SHA256

952156fe6b02ba6087be739100138cf82bd4afbc0663212911a2307b8bdd0850
SHA512

594b4d25928e62977a2ea26410b0376d1d86db91a1806f380565d7df936c7d291ee699f11f4fe08bf9fb5e50a37e91e48623276865f04cea8b010db140d21faa
SSDEEP

12288:2mbEKu7il2hsPb+HT0qE8S6S7ztLHKNu+A+/1bBc9xJPmH5x+dvs+0vLCX1mCwQx:2mbEKu6e8b8vOztLHKNu+A+/1bWFPBS0

Score

10^/10

raccoon 79baa49d7baf0a462ea77cc305c9dc65 stealer

Malware Config

Extracted

Family

raccoon

Botnet

79baa49d7baf0a462ea77cc305c9dc65

C2

http://78.47.92.58/

rc4.plain

Targets

- Target
  
  file.exe
- Size
  
  637KB
- MD5
  
  eca4feba04eccc06945fbf8473b47fb6
- SHA1
  
  50de88877688aa47cbb51d775818e81cc0b2f5aa
- SHA256
  
  952156fe6b02ba6087be739100138cf82bd4afbc0663212911a2307b8bdd0850
- SHA512
  
  594b4d25928e62977a2ea26410b0376d1d86db91a1806f380565d7df936c7d291ee699f11f4fe08bf9fb5e50a37e91e48623276865f04cea8b010db140d21faa
- SSDEEP
  
  12288:2mbEKu7il2hsPb+HT0qE8S6S7ztLHKNu+A+/1bBc9xJPmH5x+dvs+0vLCX1mCwQx:2mbEKu6e8b8vOztLHKNu+A+/1bWFPBS0
Score

10^/10

raccoon 79baa49d7baf0a462ea77cc305c9dc65 stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

raccoon79baa49d7baf0a462ea77cc305c9dc65stealer

behavioral2

raccoon79baa49d7baf0a462ea77cc305c9dc65stealer