Overview

overview

10

Static

static

1

File_For-PC_2023.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    File_For-PC_2023.exe

  • Size

    6.6MB

  • Sample

    230222-d9vl2sbe51

  • MD5

    bd15403d5df88d8cc43bebb99c693081

  • SHA1

    2bb14961a9f0bd6e1290f6d40f82e52e0787b76f

  • SHA256

    443d8b32c93c9464b200823b5f7fc6378a26971383e2619c19a0d9dd6ba0b7ba

  • SHA512

    73e2935f3668e15342f3b68ac1fd2d1c78b24377a45f733194e6c1f85060da59358a32e5bd59accaf6fa20d95c61221fc20376efdedc4ec2798447103f9a500e

  • SSDEEP

    196608:cujVzKGt5ZBddwEOa3uqvqFME6d1aZEHQ0cYYBxEG:c2PRdBTdE6d1UEw0cHBK

Score
10/10
raccoon467a953db8cf896cec6946f6144f8158stealer

Malware Config

Extracted

Family

raccoon

Botnet

467a953db8cf896cec6946f6144f8158

C2

http://5.75.182.199/

http://77.91.84.68/

http://80.85.241.20/
rc4.plain

Targets

    • Target

      File_For-PC_2023.exe

    • Size

      6.6MB

    • MD5

      bd15403d5df88d8cc43bebb99c693081

    • SHA1

      2bb14961a9f0bd6e1290f6d40f82e52e0787b76f

    • SHA256

      443d8b32c93c9464b200823b5f7fc6378a26971383e2619c19a0d9dd6ba0b7ba

    • SHA512

      73e2935f3668e15342f3b68ac1fd2d1c78b24377a45f733194e6c1f85060da59358a32e5bd59accaf6fa20d95c61221fc20376efdedc4ec2798447103f9a500e

    • SSDEEP

      196608:cujVzKGt5ZBddwEOa3uqvqFME6d1aZEHQ0cYYBxEG:c2PRdBTdE6d1UEw0cHBK

    Score
    10/10
    raccoon467a953db8cf896cec6946f6144f8158stealer

    • Raccoon

      Raccoon is an infostealer written in C++ and first seen in 2019.

      stealerraccoon

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks