Overview

overview

10

Static

static

1

URLScan

urlscan

https://www.youtube....

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqbHdod19KM19RdlhSS3U0RnJZMGNCU18xMWc5d3xBQ3Jtc0tueWlORk9tU1VjSjQ3NExzTnpoSlNyTVN6enB2dkxQYVlGNkpNc1F3NVN0ajJnQ0o3cFJ0WjItVXJ0Zk1XWXR5YmVaSkpURUhXWGxrRG9CNjR2RThNX1d4MTJzNExtU013andnb2NJT05vWndrajdFOA&q=https%3A%2F%2Ftelegra.ph%2Ffv20-03-15&v=TVWVz7W7UjE

  • Sample

    230327-m8kvwsdb87

Score
10/10
raccoonf26f614d4c0bc2bcd6601785661fb5cfpersistencestealer

Malware Config

Extracted

Family

raccoon

Botnet

f26f614d4c0bc2bcd6601785661fb5cf

C2

http://45.9.74.170

http://77.73.134.43
rc4.plain

Targets

    • Target

      https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqbHdod19KM19RdlhSS3U0RnJZMGNCU18xMWc5d3xBQ3Jtc0tueWlORk9tU1VjSjQ3NExzTnpoSlNyTVN6enB2dkxQYVlGNkpNc1F3NVN0ajJnQ0o3cFJ0WjItVXJ0Zk1XWXR5YmVaSkpURUhXWGxrRG9CNjR2RThNX1d4MTJzNExtU013andnb2NJT05vWndrajdFOA&q=https%3A%2F%2Ftelegra.ph%2Ffv20-03-15&v=TVWVz7W7UjE

    Score
    10/10
    raccoonf26f614d4c0bc2bcd6601785661fb5cfpersistencestealer

    • Raccoon

      Raccoon is an infostealer written in C++ and first seen in 2019.

      stealerraccoon

    • Executes dropped EXE

    • Adds Run key to start application

      persistence

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks