Overview

overview

10

Static

static

1

1e2b3c0589...8b.exe

windows7-x64

10

1e2b3c0589...8b.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    54s
  • max time network
    43s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    31-03-2023 05:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1e2b3c0589e8df18ada383c48347a28b.exe

  • Size

    3.1MB

  • MD5

    1e2b3c0589e8df18ada383c48347a28b

  • SHA1

    d30189b257c6a303d41145c9f18709b9118c4eec

  • SHA256

    c9fe71715c02aadcef31d9df6ad876f7d9ac9e747c0ec541139a2d22045a1b67

  • SHA512

    d8e7b339dbcd20923442a6b6d77aea18b17f63207737a8c1efc556b7d57c634af2b325f0c1b658200f42ab4ac2f9a186284397e9c9e4f6cc20d65c15b39c3732

  • SSDEEP

    49152:NAHDmz/PG7OIg7NMvWvnwvCoj85R1dvuxHxtx+6e+QCR0W4+RJHeEcs:NMKG7OIgpLnwwPFuRsUR0+RFZ

Score
10/10
raccoon94c54520400750937a6f1bf6044f8667stealer

Malware Config

Extracted

Family

raccoon

Botnet

94c54520400750937a6f1bf6044f8667

C2

http://185.181.10.208/

rc4.plain

Signatures

  • Raccoon

    Raccoon is an infostealer written in C++ and first seen in 2019.

    stealerraccoon

Processes

  • C:\Users\Admin\AppData\Local\Temp\1e2b3c0589e8df18ada383c48347a28b.exe
    "C:\Users\Admin\AppData\Local\Temp\1e2b3c0589e8df18ada383c48347a28b.exe"
    1⤵
      PID:1260

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1260-54-0x0000000000400000-0x000000000091A000-memory.dmp

      Filesize

      5.1MB

      Download

    • memory/1260-56-0x0000000000400000-0x000000000091A000-memory.dmp

      Filesize

      5.1MB

      Download

    • memory/1260-59-0x0000000000400000-0x000000000091A000-memory.dmp

      Filesize

      5.1MB

      Download