raccoon | f325e9243c63c33c26535cf85eaf57809001c03d600254d34af3e7e75ad4c19a | Triage

Sharing

General

Target

f325e9243c63c33c26535cf85eaf57809001c03d600254d34af3e7e75ad4c19a.bin
Size

1.2MB
Sample

230501-xzzykaha4s
MD5

e0d3bdf0aff6c351300be19845f50d91
SHA1

52252db44e70417c8b5149960a04ee4f418f3617
SHA256

f325e9243c63c33c26535cf85eaf57809001c03d600254d34af3e7e75ad4c19a
SHA512

9dea097157939174bfa3834ab3dbe1cccd48ef4c7ebedcd1026ff3ec35f9f1b1e6bc3b9a56393e22ceb603dddf4640bac9c767978fb0accac59165e7b881a840
SSDEEP

6144:cryFm3tsc3013CmM5fGWY9wRnAOYyXyLUzRwBCauAq3Q3JAO3JMFX3Hk33Py32i3:crcm3tsc30oBnFXyduaOT7aLK

Score

10^/10

raccoon 051b76750ec3fdeb68bf42167dbfc18e stealer

Malware Config

Extracted

Family

raccoon

Botnet

051b76750ec3fdeb68bf42167dbfc18e

C2

http://185.247.184.58/

xor.plain

Targets

- Target
  
  f325e9243c63c33c26535cf85eaf57809001c03d600254d34af3e7e75ad4c19a.bin
- Size
  
  1.2MB
- MD5
  
  e0d3bdf0aff6c351300be19845f50d91
- SHA1
  
  52252db44e70417c8b5149960a04ee4f418f3617
- SHA256
  
  f325e9243c63c33c26535cf85eaf57809001c03d600254d34af3e7e75ad4c19a
- SHA512
  
  9dea097157939174bfa3834ab3dbe1cccd48ef4c7ebedcd1026ff3ec35f9f1b1e6bc3b9a56393e22ceb603dddf4640bac9c767978fb0accac59165e7b881a840
- SSDEEP
  
  6144:cryFm3tsc3013CmM5fGWY9wRnAOYyXyLUzRwBCauAq3Q3JAO3JMFX3Hk33Py32i3:crcm3tsc30oBnFXyduaOT7aLK
Score

10^/10

raccoon 051b76750ec3fdeb68bf42167dbfc18e stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

raccoon051b76750ec3fdeb68bf42167dbfc18estealer

behavioral2

raccoon051b76750ec3fdeb68bf42167dbfc18estealer