Overview

overview

10

Static

static

1

Active_Ver...ps.rar

windows7-x64

10

Active_Ver...ps.rar

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Active_Version_Fully_Setups.rar

  • Size

    12.4MB

  • Sample

    230406-cpymjaah38

  • MD5

    f588b0444462c53360663ac435c60449

  • SHA1

    76bc144accf885d58cf3d814e1e00fe0c9f00455

  • SHA256

    968c44669316afd10647241ac2ec0fb93791863d3b41075be3f382b093fa516c

  • SHA512

    0238e5634adaf0f31b648f76face0759a4329d5a138206da943af993e160137e813b728efa49fa4be1a5a3e8318e9573ff6715f1be80a769ca53b731865a16dc

  • SSDEEP

    196608:I/XrZIOLnKVrhzzAhebMXdPmsdKE4VzolZ6AOv3uMbwWwtO7ufVE07oXEt2B2Ah:I6CE1zuOMNPFKE4V61OPnbwF60+Fh

Score
10/10
raccoon13718a923845c0cdab8ce45c585b8d63stealer

Malware Config

Extracted

Family

raccoon

Botnet

13718a923845c0cdab8ce45c585b8d63

C2

http://45.15.156.143/

rc4.plain

Targets

    • Target

      Active_Version_Fully_Setups.rar

    • Size

      12.4MB

    • MD5

      f588b0444462c53360663ac435c60449

    • SHA1

      76bc144accf885d58cf3d814e1e00fe0c9f00455

    • SHA256

      968c44669316afd10647241ac2ec0fb93791863d3b41075be3f382b093fa516c

    • SHA512

      0238e5634adaf0f31b648f76face0759a4329d5a138206da943af993e160137e813b728efa49fa4be1a5a3e8318e9573ff6715f1be80a769ca53b731865a16dc

    • SSDEEP

      196608:I/XrZIOLnKVrhzzAhebMXdPmsdKE4VzolZ6AOv3uMbwWwtO7ufVE07oXEt2B2Ah:I6CE1zuOMNPFKE4V61OPnbwF60+Fh

    Score
    10/10
    raccoon13718a923845c0cdab8ce45c585b8d63stealer

    • Raccoon

      Raccoon is an infostealer written in C++ and first seen in 2019.

      stealerraccoon

    • Executes dropped EXE

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks