General
-
Target
https://mega.nz/file/341xBZQJ#w_qd3vfstI9QqOqXWa0C8JX4FqvkAnRfYOZj1h24BEY
-
Sample
230331-wqny9sdf4v
Score
10/10
Malware Config
Extracted
Family
raccoon
Botnet
01ce0bf18c5eb0152a13b2ee5d4d8adc
C2
http://37.220.87.69
http://83.217.11.6
rc4.plain
Targets
-
-
Target
https://mega.nz/file/341xBZQJ#w_qd3vfstI9QqOqXWa0C8JX4FqvkAnRfYOZj1h24BEY
Score10/10-
Raccoon
Raccoon is an infostealer written in C++ and first seen in 2019.
-
Executes dropped EXE
-
Adds Run key to start application
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-