raccoon | hxxps://telegra[.]ph/New-Soft-2023-02-14 | Triage

Submit
Reports

Overview

overview

Static

static

1

URLScan

urlscan

1

https://telegra.ph/N...

windows10-1703-x64

Resubmissions

22-03-2023 19:39

230322-ydek6sch5w 10

22-03-2023 19:36

230322-ybjr4sah77 7

Sharing

General

Target

https://telegra.ph/New-Soft-2023-02-14
Sample

230322-ydek6sch5w

Score

10^/10

raccoon 717609e6131226f92ce8ce08c34305be stealer

Static task

static1

URLScan task

urlscan1

Behavioral task

behavioral1

Sample

https://telegra.ph/New-Soft-2023-02-14

Resource

win10-20230220-en

raccoon 717609e6131226f92ce8ce08c34305be stealer

windows10-1703-x64

15 signatures

1800 seconds

Malware Config

Extracted

Family

raccoon

Botnet

717609e6131226f92ce8ce08c34305be

C2

http://45.9.74.170

http://77.73.134.43

rc4.plain

Targets

- Target
  
  https://telegra.ph/New-Soft-2023-02-14
Score

10^/10

raccoon 717609e6131226f92ce8ce08c34305be stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Tasks

static1

urlscan1

behavioral1

raccoon717609e6131226f92ce8ce08c34305bestealer

© 2018-2024

Terms | Privacy