raccoon | b297a76de5182907a69a878cf161ca65b274152eb92a9d9591248ac4f5494dcf | Triage

Submit
Reports

Overview

overview

Static

static

1

MDE_File_S...0a.zip

windows10-1703-x64

Resubmissions

20-02-2023 05:56

230220-gm5ehshc71 10

20-02-2023 05:51

230220-gkf9xahc7z 1

Sharing

General

Target

MDE_File_Sample_0a.zip
Size

1.4MB
Sample

230220-gm5ehshc71
MD5

969c76c606bd18792bc2acb3944d76c1
SHA1

9df39202fdb533508c51b9efcc3eb169a10d8c1b
SHA256

b297a76de5182907a69a878cf161ca65b274152eb92a9d9591248ac4f5494dcf
SHA512

6100009f7fc88bc22e7be41bbdc3fc8b1a4ba24fbe59abbe84646c5f2eafb84aab6cfbbfa3e4d199e308660f4dd35be3fc01afaeb70a61c4d823b044d37a3ac3
SSDEEP

24576:+hBNa4T6AUdB9fPGMmEOtIX8OxJNzmtXdBJTJyyZwn8cMV0VGkK122VNei2j5cne:+vBUf9TmEOtwFNSnBryyOnCyVGkK1f2b

Score

10^/10

raccoon ae72a9288d2ce774d14ddadddb8258c1 stealer

Static task

static1

Behavioral task

behavioral1

Sample

MDE_File_Sample_0a.zip

Resource

win10-20220812-en

raccoon ae72a9288d2ce774d14ddadddb8258c1 stealer

windows10-1703-x64

8 signatures

600 seconds

Malware Config

Extracted

Family

raccoon

Botnet

ae72a9288d2ce774d14ddadddb8258c1

C2

http://83.217.11.11/

rc4.plain

Targets

- Target
  
  MDE_File_Sample_0a.zip
- Size
  
  1.4MB
- MD5
  
  969c76c606bd18792bc2acb3944d76c1
- SHA1
  
  9df39202fdb533508c51b9efcc3eb169a10d8c1b
- SHA256
  
  b297a76de5182907a69a878cf161ca65b274152eb92a9d9591248ac4f5494dcf
- SHA512
  
  6100009f7fc88bc22e7be41bbdc3fc8b1a4ba24fbe59abbe84646c5f2eafb84aab6cfbbfa3e4d199e308660f4dd35be3fc01afaeb70a61c4d823b044d37a3ac3
- SSDEEP
  
  24576:+hBNa4T6AUdB9fPGMmEOtIX8OxJNzmtXdBJTJyyZwn8cMV0VGkK122VNei2j5cne:+vBUf9TmEOtwFNSnBryyOnCyVGkK1f2b
Score

10^/10

raccoon ae72a9288d2ce774d14ddadddb8258c1 stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

raccoonae72a9288d2ce774d14ddadddb8258c1stealer

© 2018-2024

Terms | Privacy