General

  • Target: 7fafc58111e8d1f14f84e326978d9840.bin
  • Size: 6.0MB
  • Sample: 230212-bw4lpahf6w
  • MD5: ebbf3814914c322a1d24b2b6c9d24c64
  • SHA1: 2814f8c04f6e1442774ce925a62925c2a94b3173
  • SHA256: 92b9353d82c9533c466ae1e4599c05b6d47f210d463556d713fb540a5850cec2
  • SHA512: f266667b600ab5fdecac94442ececfcd662c5779a9f0857f4216a09ed67e2cfa7bcabe0ffea124da290fbd358c595ad215538dd7df069e0830e96e4b6de2b7e5
  • SSDEEP: 196608:geqMsx3oHCqfWwrXvmykgmu8IYOew9qYImJJXIbiAv:ax3oHCqfWMXfmlIYrVWJJXAiAv

Malware Config

Extracted

  • Family: raccoon
  • Botnet: 3cfafe5ac067c908220fc0fce1cc69e1
  • C2: http://194.15.216.23
  • C2: http://5.255.100.41
  • rc4.plain

Targets

    • Target: cb45b57698a167a7c414c8f386c0ba9d8835b4a844ca2b3ecaf4f31d72a65269.exe
    • Size: 6.2MB
    • MD5: 7fafc58111e8d1f14f84e326978d9840
    • SHA1: 5972457e02ae473e6912b629ec36145f46b05e0b
    • SHA256: cb45b57698a167a7c414c8f386c0ba9d8835b4a844ca2b3ecaf4f31d72a65269
    • SHA512: bb95e256dfb89913606cc45e7dae4710ee658b7ed1ad358f4b18cd8e33bd881a35584be1d1499d91940242d889622c92e7ccdbf31737f84bfb148ab99dfd3581
    • SSDEEP: 196608:ZhXUUM2SCRZs2wECDsQhN87LFqQCHQkScDB4:ZhkMzRZs2wECDh8VnCwV+B4

    • Raccoon: Raccoon is an infostealer written in C++ and first seen in 2019.
    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Matrix

Tasks