General

  • Target: new_version_2023.rar
  • Size: 37.7MB
  • Sample: 230331-kr6d6aha68
  • MD5: ac8c54a76edec64d7f3f8371e382d00d
  • SHA1: db549dde6b21fbb44bc335008a56d9da3aed4484
  • SHA256: a16008f893fc483bf2eec2bf2c2b03ab78a2b0c6422dfbf4c7547c206fbaa18f
  • SHA512: 4b278166c2c9138221422f9f4adf2eb5deeaa397169daff1baecf8ae819d66aa1ff0afbc7090cc37aa6273758e89d03fcaebdb31b56c8bfd73a30005d341c179
  • SSDEEP: 786432:svQcDMdbbk4gntIhsOqXUbaQiqsZE/lWpryZv57zDGR8Qwx:MPwd04IiDbRi+Kyx5L8xS

Malware Config

Extracted

  • Family: raccoon
  • Botnet: f26f614d4c0bc2bcd6601785661fb5cf
  • C2: http://37.220.87.66/
  • rc4.plain

Extracted

  • Family: raccoon

  • rc4.plain

Targets

    • Target: new_version_2023/Instаll.exe
    • Size: 963.1MB
    • MD5: 19a87db4d6908767804d28bd7e7e6b17
    • SHA1: 87919afc1042555662903ec5ea2d28e38f9aa2b8
    • SHA256: 13e0f677975226784e67fa9d08374ec40bc9a6f6d0de3493e261b882f13e2826
    • SHA512: 3ce51868bb1e3c971d33e6547951404615416b1f69c4348ad32451d3954bbb1bc8361065abdcccdbe0e4f03fcb601d981a16e22f61b71ebab40af87dcc8149a7
    • SSDEEP: 24576:ewNuU9GH8Hrgi5sWmhA8IP3b4q7W5BfwPxod0KImzcF/WkvMr73L4dbu4t1TcVfp:79GH+g8sWmhIPJ60i0Kp/rodl/TcVfp

    • Raccoon
      Raccoon is an infostealer written in C++ and first seen in 2019.

    • UPX packed file
      Detects executables packed with UPX/modified UPX open source packer.

    • Suspicious use of SetThreadContext
