General

  • Target

    a97fed9c529571b5fb38587210e019ac.exe

  • Size

    6.8MB

  • Sample

    230207-aax2cage57

  • MD5

    a97fed9c529571b5fb38587210e019ac

  • SHA1

    6128ef718208e3b1fd79021cd256d0dbecd654fa

  • SHA256

    979e6375e26c44315315f1e2d7476a074227a3464b7b96f7d7e4f08e27a2518e

  • SHA512

    876603b93d8bf471071da01828975fc94d97d5101360cfa34cc2f2a5ca2c591a03aa9a322a6c0ebd0777c4dd521cab44f107ca6189e0107be0758e5ca6aadf78

  • SSDEEP

    98304:7dEPYMOo5jW4WF7KhlKBLaNi54hqjzB0gbY+ApQJMQZCWpn4XAWwLYOgLe89:KPYMVna7GK6i54hqjqmA6dn4XA9YO8d

Malware Config

Extracted

Family

raccoon

Botnet

0eceb3d1f21f3ea1b454c7f4a9867731

C2

http://146.70.86.11/

http://69.46.15.158/

rc4.plain

Targets

    • Target

      a97fed9c529571b5fb38587210e019ac.exe

    • Raccoon

      Raccoon is an infostealer written in C++ and first seen in 2019.

    • Suspicious use of NtSetInformationThreadHideFromDebugger
