raccoon | b97effcb10ad6955bbe17337fa179e47446bbed0085f8b9fe47be1e02c0596b6 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

1

Use_76009_...-1.rar

windows7-x64

Use_76009_...-1.rar

windows10-2004-x64

Sharing

General

Target

Use_76009_As_Passw0rdd-1.rar
Size

17.0MB
Sample

230322-s4qhgabe9s
MD5

80d4dc1b8c0bf4b668015b45dbff7345
SHA1

fb001303296f45c3a0c79c279319914c0701ab50
SHA256

b97effcb10ad6955bbe17337fa179e47446bbed0085f8b9fe47be1e02c0596b6
SHA512

53a321fb7e71cded0294125d43c15ed7b17b73df6028b603ccb502b8d9de23e67ec3c9395cc9835b512c5a6aa044d5b18c8b9fff016c6be1d9e19d4b35144873
SSDEEP

393216:f9qkNZ8Twag5yWO3yk+4yVWdOuijtTjgV/HGHCbaDpgoluAgl:f93aTwaAyWs3XigOuigGHCeWolu/

Score

10^/10

raccoon 01ce0bf18c5eb0152a13b2ee5d4d8adc stealer

Static task

static1

Behavioral task

behavioral1

Sample

Use_76009_As_Passw0rdd-1.rar

Resource

win7-20230220-es

raccoon 01ce0bf18c5eb0152a13b2ee5d4d8adc stealer

windows7-x64

10 signatures

1800 seconds

Behavioral task

behavioral2

Sample

Use_76009_As_Passw0rdd-1.rar

Resource

win10v2004-20230221-es

raccoon 01ce0bf18c5eb0152a13b2ee5d4d8adc stealer

windows10-2004-x64

9 signatures

1800 seconds

Malware Config

Extracted

Family

raccoon

Botnet

01ce0bf18c5eb0152a13b2ee5d4d8adc

C2

http://37.220.87.69

http://83.217.11.6

rc4.plain

Targets

- Target
  
  Use_76009_As_Passw0rdd-1.rar
- Size
  
  17.0MB
- MD5
  
  80d4dc1b8c0bf4b668015b45dbff7345
- SHA1
  
  fb001303296f45c3a0c79c279319914c0701ab50
- SHA256
  
  b97effcb10ad6955bbe17337fa179e47446bbed0085f8b9fe47be1e02c0596b6
- SHA512
  
  53a321fb7e71cded0294125d43c15ed7b17b73df6028b603ccb502b8d9de23e67ec3c9395cc9835b512c5a6aa044d5b18c8b9fff016c6be1d9e19d4b35144873
- SSDEEP
  
  393216:f9qkNZ8Twag5yWO3yk+4yVWdOuijtTjgV/HGHCbaDpgoluAgl:f93aTwaAyWs3XigOuigGHCeWolu/
Score

10^/10

raccoon 01ce0bf18c5eb0152a13b2ee5d4d8adc stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Executes dropped EXE
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

raccoon01ce0bf18c5eb0152a13b2ee5d4d8adcstealer

behavioral2

raccoon01ce0bf18c5eb0152a13b2ee5d4d8adcstealer

© 2018-2025

Terms | Privacy