raccoon | 4c77d3aabcd34b20cfbd8c1383732b3d3216cafaf609a06f69dda6ff747c263b | Triage

Submit
Reports

Overview

overview

Static

static

7

aida64.exe

windows7-x64

1

aida64.exe

windows10-2004-x64

Sharing

General

Target

aida64_685.zip
Size

43.7MB
Sample

230208-j3a7qahg22
MD5

c9da0103d8ab7daf4437126d86070962
SHA1

7e0a7d13eb54ab553eda7b3d888c7d7a6500cf3f
SHA256

4c77d3aabcd34b20cfbd8c1383732b3d3216cafaf609a06f69dda6ff747c263b
SHA512

4e3a838d4c0fbf6f45797080317241985c24fc4a7fa3597c8309ad8f240fc06a3a29297f0728c99f31b8e18e4e042650749775e0d1745bddb59a4db6b76931b9
SSDEEP

786432:1TP3wR4m2qVuj7SallJ1xLp2OANZfkqrVL84LRUWT+y2iNWik7LQp1/1yesN:hgtwXhllJ1lp2dNZsqBNLKWT+y2CQE1y

Score

10^/10

raccoon e03a7d21cf6c27d1c1b42b2ef6c4d83f stealer upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

aida64.exe

Resource

win7-20221111-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

aida64.exe

Resource

win10v2004-20221111-en

raccoon e03a7d21cf6c27d1c1b42b2ef6c4d83f stealer

windows10-2004-x64

3 signatures

150 seconds

Malware Config

Extracted

Family

raccoon

Botnet

e03a7d21cf6c27d1c1b42b2ef6c4d83f

C2

http://135.181.68.23/

rc4.plain

Targets

- Target
  
  aida64.exe
- Size
  
  726.7MB
- MD5
  
  6235757f9facda9b16f498aa0f24e2a0
- SHA1
  
  15fc99e3ee6d887a59ec48fa9c5dd85e6fd7ae05
- SHA256
  
  58ae566c0ae9185f68b9c933e436e8ed1c7eba42f6211fc9a396ec3d368a6ed6
- SHA512
  
  91c64e99a20307751408d40b3522050470cbea52e9b40d665be5c381c080453f384828332a6ff9252f8fa3108c96be8ae3ed311a6f1ec2bef8413490a8d34c75
- SSDEEP
  
  196608:ZKJZn0pjP4Hxrx8ABvYU446EezqRJSzZVgxU:wqURrx8O42ezqRJSdV7
Score

10^/10

raccoon e03a7d21cf6c27d1c1b42b2ef6c4d83f stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

raccoone03a7d21cf6c27d1c1b42b2ef6c4d83fstealer

© 2018-2024

Terms | Privacy