raccoon | ea9801d82bc72a0903473c1422e291d54d080f30d255942de8a76d0ecfaabbfe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

668a08f06520c228006acc999d7387cd.exe
Size

316KB
Sample

230311-nctctshc88
MD5

668a08f06520c228006acc999d7387cd
SHA1

4319e8eed5471ba86fe2fd783bfd92e2e460c985
SHA256

ea9801d82bc72a0903473c1422e291d54d080f30d255942de8a76d0ecfaabbfe
SHA512

d77c08403fb57d000cba732d0f145f07dfbbc89c89df3a74cb3ed9a97d4de0deda10cc5312b126611db974fbe95e4ce1236272560336ad2bef2ece5e2da2c58d
SSDEEP

3072:QTMTrGg0Lucn1npBORDKHKxCsfkfZkwkGaXa+svl1+cy6R9BDI:UM2vL71pWhqZv+cy6

Score

10^/10

raccoon bbbd8c4f062887157c5c54f47994f907 stealer

Malware Config

Extracted

Family

raccoon

Botnet

bbbd8c4f062887157c5c54f47994f907

C2

http://103.155.93.161/

rc4.plain

Targets

- Target
  
  668a08f06520c228006acc999d7387cd.exe
- Size
  
  316KB
- MD5
  
  668a08f06520c228006acc999d7387cd
- SHA1
  
  4319e8eed5471ba86fe2fd783bfd92e2e460c985
- SHA256
  
  ea9801d82bc72a0903473c1422e291d54d080f30d255942de8a76d0ecfaabbfe
- SHA512
  
  d77c08403fb57d000cba732d0f145f07dfbbc89c89df3a74cb3ed9a97d4de0deda10cc5312b126611db974fbe95e4ce1236272560336ad2bef2ece5e2da2c58d
- SSDEEP
  
  3072:QTMTrGg0Lucn1npBORDKHKxCsfkfZkwkGaXa+svl1+cy6R9BDI:UM2vL71pWhqZv+cy6
Score

10^/10

raccoon bbbd8c4f062887157c5c54f47994f907 stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

raccoonbbbd8c4f062887157c5c54f47994f907stealer

behavioral2

raccoonbbbd8c4f062887157c5c54f47994f907stealer