raccoon | hxxps://tinyurl[.]com/23rc3v37 | Triage

Submit
Reports

Overview

overview

Static

static

1

URLScan

urlscan

1

https://tinyurl.com/...

windows10-1703-x64

Sharing

General

Target

https://tinyurl.com/23rc3v37
Sample

230407-djsd1aaa4y

Score

10^/10

raccoon 717609e6131226f92ce8ce08c34305be stealer

Static task

static1

URLScan task

urlscan1

Behavioral task

behavioral1

Sample

https://tinyurl.com/23rc3v37

Resource

win10-20230220-en

raccoon 717609e6131226f92ce8ce08c34305be stealer

windows10-1703-x64

12 signatures

150 seconds

Malware Config

Extracted

Family

raccoon

Botnet

717609e6131226f92ce8ce08c34305be

C2

http://37.220.87.66/

xor.plain

Targets

- Target
  
  https://tinyurl.com/23rc3v37
Score

10^/10

raccoon 717609e6131226f92ce8ce08c34305be stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Executes dropped EXE
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

urlscan1

behavioral1

raccoon717609e6131226f92ce8ce08c34305bestealer

© 2018-2024

Terms | Privacy