raccoon | 8f99effc679549c2af919814cbf114542a20d267e622804c97c06da3f6108ef9 | Triage

Sharing

General

Target

SoftWare 2023.zip
Size

183.5MB
Sample

230321-epntfagg33
MD5

dbfa73fb5c6c3de0c051621ab5da9a98
SHA1

f9a98c9fc00d96282aeddd59b1d0f6027fbbaad8
SHA256

8f99effc679549c2af919814cbf114542a20d267e622804c97c06da3f6108ef9
SHA512

88ad4fa740dac6e1a81cdc5c6a4a2ac58395aca76f2d1e12e136b2729352386774c554d0c92309f9bcfefdeece3a98adf3b6500cd288989757ed33ec8487a46b
SSDEEP

3145728:z7nRCSFLqSBd9DntVnN9aVQm/rmhzRp85Ccz0hLb7eHcPj13:zUS9DBzDnrtmb1Wb7eH05

Score

10^/10

raccoon 717609e6131226f92ce8ce08c34305be stealer

Malware Config

Extracted

Family

raccoon

Botnet

717609e6131226f92ce8ce08c34305be

C2

http://45.9.74.170

http://77.73.134.43

rc4.plain

Targets

- Target
  
  SoftWare 2023/Setup.exe
- Size
  
  733.1MB
- MD5
  
  d5bb80569e355d6e65de761d46b39da0
- SHA1
  
  8731c0883164cc951e3e80be5c64ef09400324a7
- SHA256
  
  213ec8ae881fbf7821c8e6574f37452bc6bb92f93ac634aa43adb5300138e614
- SHA512
  
  1b3593c746b79a056c15b7fe8c91c2f38685bb32eb924e34d94ba64c42cf41014ba52f2ef2bc8140837fb05f2fa04ffce92ca694c72faf9461cab88fbf805d9d
- SSDEEP
  
  393216:fCnzmUSYCLfqwNh5kbGUf/t1ow5QnBE6Ye:fJUSrLS8hObGUdf50a7e
Score

10^/10

raccoon 717609e6131226f92ce8ce08c34305be stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

raccoon717609e6131226f92ce8ce08c34305bestealer

behavioral2

raccoon717609e6131226f92ce8ce08c34305bestealer