raccoon | 3355171c39c4e3160fc418fea6342a585aaf422c4188237f8c51a4b901ea639e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Setuppatched.exe.bin
Size

14.3MB
Sample

230505-zrzc6see24
MD5

30348029badd705ce82bf3a464e44489
SHA1

f4dd480452085de90e4820e8ba8dc4b65cefbcf5
SHA256

3355171c39c4e3160fc418fea6342a585aaf422c4188237f8c51a4b901ea639e
SHA512

dd5b96b6bfbb4235b7d211dbb9903223746f05fee6e52319478087fef8f2fed3d31a9452367a98e688e8625f7f518e7163683c7dd9e0337a4ed4781e03350137
SSDEEP

393216:WnS7+1RCNQAhN/uOCoNetaiHFsqz2xQmbNfmOnjD4+dF5q:WAqOCms5HuS2hbFmOnjD4+H5

Score

10^/10

raccoon 1f24465a8292fc98889a03fe629e86db stealer

Malware Config

Extracted

Family

raccoon

Botnet

1f24465a8292fc98889a03fe629e86db

C2

http://37.220.87.69

http://83.217.11.6

xor.plain

Targets

- Target
  
  Setuppatched.exe.bin
- Size
  
  14.3MB
- MD5
  
  30348029badd705ce82bf3a464e44489
- SHA1
  
  f4dd480452085de90e4820e8ba8dc4b65cefbcf5
- SHA256
  
  3355171c39c4e3160fc418fea6342a585aaf422c4188237f8c51a4b901ea639e
- SHA512
  
  dd5b96b6bfbb4235b7d211dbb9903223746f05fee6e52319478087fef8f2fed3d31a9452367a98e688e8625f7f518e7163683c7dd9e0337a4ed4781e03350137
- SSDEEP
  
  393216:WnS7+1RCNQAhN/uOCoNetaiHFsqz2xQmbNfmOnjD4+dF5q:WAqOCms5HuS2hbFmOnjD4+H5
Score

10^/10

raccoon 1f24465a8292fc98889a03fe629e86db stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

raccoon1f24465a8292fc98889a03fe629e86dbstealer

behavioral2

raccoon1f24465a8292fc98889a03fe629e86dbstealer