raccoon | cbce40bf3e5cfecddf50728887a121d57f1cb686b31e3891d6cd29034f840d13 | Triage

Sharing

General

Target

f_00a55f.zip
Size

6.9MB
Sample

230221-pw833agf5x
MD5

1d7849ceb24fd8d25a0e95e38e5a5aaa
SHA1

8034abb62f87899132457808d7faac29ea9ae0af
SHA256

cbce40bf3e5cfecddf50728887a121d57f1cb686b31e3891d6cd29034f840d13
SHA512

9eea33968503d28a95feab13e26d7721df61877207dbb45fbebfeb28ebc5417d369974e2251947136cde2e179136b3141363c8e55321b09ec4af81968de4ac51
SSDEEP

196608:4H7n45Z9RE6Dsq7j2t1FDM8xT8idIsDUOFgluJn1IkCYHFla:u7nk26DswUI8xY5yFSS1rHva

Score

10^/10

raccoon d4074b8c479181b90e810443a9405f3c stealer

Malware Config

Extracted

Family

raccoon

Botnet

d4074b8c479181b90e810443a9405f3c

C2

http://37.220.87.44/

http://94.131.3.70/

http://83.217.11.11/

http://83.217.11.13/

http://83.217.11.14/

rc4.plain

Targets

- Target
  
  Setup.exe
- Size
  
  726.6MB
- MD5
  
  db409a02d35f7abda02d88536f642c79
- SHA1
  
  6b785b1119c5be04288279c09db5645eb7a70dab
- SHA256
  
  b120dfc28197d064b9146feac33c2ebbd64736b8fd0803e3e339d27ca93f80a2
- SHA512
  
  b12f57a4dd9ce4142f7ee7055e6e4e5bfbf06a638547ab73e23aa7d54d9bc56c1c096e14825c3089c9599e03809acbb6f1db650e2bce86de19a9b057a5f78edf
- SSDEEP
  
  196608:5Yut/39jz91df0Uh1fRrZ2LLbDalVJk09TsW:R/l9H1f63bDalPp/
Score

10^/10

raccoon d4074b8c479181b90e810443a9405f3c stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
behavioral1 behavioral2
- Target
  
  vcomp140.dll
- Size
  
  176KB
- MD5
  
  884c6f8718fd95c25e16a4789ae3bf7a
- SHA1
  
  33f7e6846498871927d21bed11cc4ef41804112a
- SHA256
  
  f8d8aca399a0f7e40b2993584404b31f13bf18ea657a5feb85b37b15a249a275
- SHA512
  
  48384af2f6359ca3ee6996fc34df8c357164097f0c0c5cb30f5bd080baa6af3b4bcada17fb94933a99955f97c4ac0e554ca2373a5638e29db84e8318165c7b0c
- SSDEEP
  
  3072:+Pr3XpMvAiR3LQpxELm3uFX1TfgZhPlUDJR9ZURc/5:+znSvAiO+m3uFFOj+O6/5
Score

3^/10
behavioral3 behavioral4
- Target
  
  vcruntime140.dll
- Size
  
  94KB
- MD5
  
  11d9ac94e8cb17bd23dea89f8e757f18
- SHA1
  
  d4fb80a512486821ad320c4fd67abcae63005158
- SHA256
  
  e1d6f78a72836ea120bd27a33ae89cbdc3f3ca7d9d0231aaa3aac91996d2fa4e
- SHA512
  
  aa6afd6bea27f554e3646152d8c4f96f7bcaaa4933f8b7c04346e410f93f23cfa6d29362fd5d51ccbb8b6223e094cd89e351f072ad0517553703f5bf9de28778
- SSDEEP
  
  1536:yDHLG4SsAzAvadZw+1Hcx8uIYNUzUnHg4becbK/zJrCT:yDrfZ+jPYNznHg4becbK/Fr
Score

3^/10
behavioral5 behavioral6
- Target
  
  win-api.config
- Size
  
  186B
- MD5
  
  9070d769fd43fb9def7e9954fba4c033
- SHA1
  
  de4699cdf9ad03aef060470c856f44d3faa7ea7f
- SHA256
  
  cbaf2ae95b1133026c58ab6362af2f7fb2a1871d7ad58b87bd73137598228d9b
- SHA512
  
  170028b66c5d2db2b8c90105b77b0b691bf9528dc9f07d4b3983d93e9e37ea1154095aaf264fb8b5e67c167239697337cc9e585e87ef35faa65a969cac1aa518
Score

1^/10
behavioral7 behavioral8

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

raccoond4074b8c479181b90e810443a9405f3cstealer

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8