raccoon | 47900e34c718e9d4469f855c5ab52265496d614ef307f16cd30be58b04b3fe04 | Triage

Resubmissions

21-02-2023 10:46

230221-mt4pfsee56 10

20-02-2023 14:06

230220-repdfaaf5x 5

06-02-2023 02:06

230206-cjwkzsbf93 5

Sharing

General

Target

Setup.exe
Size

6.7MB
Sample

230221-mt4pfsee56
MD5

4a74b4d5383b42b15245aec5b9de0e59
SHA1

3c03ec01a330d405bf26e751b6590517e551c8e1
SHA256

47900e34c718e9d4469f855c5ab52265496d614ef307f16cd30be58b04b3fe04
SHA512

b205a8790a2f53e74ecc7f7f29f793f8a3f92d15b52aac89b2c9c05b0663f5cdfbff62685bdd921bf31ec01cf37ce66a3c2fe077ef1564e721ce1446523f69ee
SSDEEP

196608:mYTJPdCItuklI4LkpmwxWNNYocrM6D37D/hoHTb+P:dTJPw7klMsbYozuHhkP+

Score

10^/10

raccoon 4ee2cb7da0a3931a9114d3f32bae4b8d stealer

Malware Config

Extracted

Family

raccoon

Botnet

4ee2cb7da0a3931a9114d3f32bae4b8d

C2

http://146.70.161.70/

rc4.plain

Targets

- Target
  
  Setup.exe
- Size
  
  6.7MB
- MD5
  
  4a74b4d5383b42b15245aec5b9de0e59
- SHA1
  
  3c03ec01a330d405bf26e751b6590517e551c8e1
- SHA256
  
  47900e34c718e9d4469f855c5ab52265496d614ef307f16cd30be58b04b3fe04
- SHA512
  
  b205a8790a2f53e74ecc7f7f29f793f8a3f92d15b52aac89b2c9c05b0663f5cdfbff62685bdd921bf31ec01cf37ce66a3c2fe077ef1564e721ce1446523f69ee
- SSDEEP
  
  196608:mYTJPdCItuklI4LkpmwxWNNYocrM6D37D/hoHTb+P:dTJPw7klMsbYozuHhkP+
Score

10^/10

raccoon 4ee2cb7da0a3931a9114d3f32bae4b8d stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

raccoon4ee2cb7da0a3931a9114d3f32bae4b8dstealer