Overview

overview

10

Static

static

1

AllUpdateS...on.rar

windows7-x64

3

AllUpdateS...on.rar

windows10-2004-x64

3

Final_Setu...ey.rar

windows7-x64

3

Final_Setu...ey.rar

windows10-2004-x64

3

FullSetup.exe

windows7-x64

10

FullSetup.exe

windows10-2004-x64

10

Main-PaSsWord.txt

windows7-x64

1

Main-PaSsWord.txt

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    AllUpdateSetup_Fully_Version.rar

  • Size

    16.0MB

  • Sample

    230402-tfddnsae4t

  • MD5

    c93342a423a4cd0025e20ec69adde88c

  • SHA1

    2ae5807db2f6e19a772afc6d7450380123813a52

  • SHA256

    caa19bec8d8cb712306e8f1662d9475bdcb0ea4d2434776a0cd199d7cbc5d2fa

  • SHA512

    57306ba4e82ca343398f2ae084b653dc48d084cfa42295b1a49f89f31d6f8c79810e6980b746c1ccaf9753e0c490d25f05fab5d83c666ec75bd5a6ae6b8280c0

  • SSDEEP

    393216:JHBdSuvw6vKQiTfzWo3nRzMce/aXEVDPRi:JhRo6v/ibzHRoceyUlP0

Score
10/10
raccoon13718a923845c0cdab8ce45c585b8d63stealer

Malware Config

Extracted

Family

raccoon

Botnet

13718a923845c0cdab8ce45c585b8d63

C2

http://45.15.156.143/

rc4.plain

Targets

    • Target

      AllUpdateSetup_Fully_Version.rar

    • Size

      16.0MB

    • MD5

      c93342a423a4cd0025e20ec69adde88c

    • SHA1

      2ae5807db2f6e19a772afc6d7450380123813a52

    • SHA256

      caa19bec8d8cb712306e8f1662d9475bdcb0ea4d2434776a0cd199d7cbc5d2fa

    • SHA512

      57306ba4e82ca343398f2ae084b653dc48d084cfa42295b1a49f89f31d6f8c79810e6980b746c1ccaf9753e0c490d25f05fab5d83c666ec75bd5a6ae6b8280c0

    • SSDEEP

      393216:JHBdSuvw6vKQiTfzWo3nRzMce/aXEVDPRi:JhRo6v/ibzHRoceyUlP0

    Score
    3/10
    behavioral1behavioral2

    • Target

      Final_Setups_2023_As_PassKey.rar

    • Size

      16.0MB

    • MD5

      4c8385176970e635f4753d8821dbc811

    • SHA1

      093fe7c37b04817ab19754e9c015cc6b2a39f397

    • SHA256

      20ffe462bc4cd6c33339c0a1a2a908170ea6e438f92f7478ca93cc324f26dd98

    • SHA512

      a062356efa56237edaee10e023afc776e3f9c9faa684165876f6fbd260882c05dae6f80f530f328956e8339218d4fa6f203287560ba81276eb7fa05a23627c02

    • SSDEEP

      393216:SHBdSuvw6vKQiTfzWo3nRzMce/aXEVDPRN:ShRo6v/ibzHRoceyUlPH

    Score
    3/10
    behavioral3behavioral4

    • Target

      FullSetup.exe

    • Size

      1023.0MB

    • MD5

      0d841e12892835ac7f4e6b862bcff9eb

    • SHA1

      a9bf5e35571839a6b46ef0b7cc501f570910c67b

    • SHA256

      11647cffa0619b1f643b6dd91fd6448c171eea5f7d101f54e5f27c4b19be80dc

    • SHA512

      436e4f0bea2f0b24dcf62cc30ed7ceb38ca00966e24136d46c5a2de29438cf54127cb4625ce4b7b9257012ad211b57967ed44c4441db364062a5c409333e59b8

    • SSDEEP

      196608:NIwGXgGtIGbzp9yYXOcpg73bQZ+cXFH+5Y/W57Cd4LpaGGU8m3sV//5XgfFIMcIV:yXXXDpFORruH+EWkdCwU8sIJYn

    Score
    10/10
    raccoon13718a923845c0cdab8ce45c585b8d63stealer

    • Raccoon

      Raccoon is an infostealer written in C++ and first seen in 2019.

      stealerraccoon
    behavioral5behavioral6

    • Target

      Main-PaSsWord.txt

    • Size

      1.1MB

    • MD5

      2cc37f538fc50729507fc0542589f9fb

    • SHA1

      96caa72fbcb47f8cddc872b36f4947ee466bcae3

    • SHA256

      493037c8e19f483283216a04c03ff87fcd3c5cbfcc2dae0cea3425306851df40

    • SHA512

      08bd7ad80d30541fd637d5d5c5ba2dd3ba780f44ddea0c499b6e3e91d9d0710c80acdebfbf31b83473816f994f80792befb47802de97203acf73188945e7b042

    • SSDEEP

      24:bZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZz:n

    Score
    1/10
    behavioral7behavioral8

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks