Overview

overview

10

Static

static

3

123.exe

windows7-x64

10

123.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    123.exe

  • Size

    518KB

  • Sample

    230508-vjvb2add9x

  • MD5

    2aeac863392c9a2a31058c6d5eeb4cc2

  • SHA1

    a45b2e4905117c4dae0a3666a4590f538b69fdcc

  • SHA256

    a7b25c3995f6bc79c2075efbb0bbdbcc0a3cc7fccb920b6c760981cd866ed89a

  • SHA512

    fb04c05b3aacdae462c960fa10610b67f39ec3188d4d248e207853090d3809953b5a6fee96a58029aa13b5d526fec43161913842c230932b84063f61a2b4102e

  • SSDEEP

    12288:hnNXliRo0L376ujZIBalmrh0Jzw2NXegPTHrHlRwzYLSmhrWE:pfwo0LWujZIzrhQw2FegrHhRwzYLSwr

Score
10/10
raccoonb11c37ed36597cb6d2adb8b6280a6e12stealer

Malware Config

Extracted

Family

raccoon

Botnet

b11c37ed36597cb6d2adb8b6280a6e12

C2

http://94.142.138.32

xor.plain

Targets

    • Target

      123.exe

    • Size

      518KB

    • MD5

      2aeac863392c9a2a31058c6d5eeb4cc2

    • SHA1

      a45b2e4905117c4dae0a3666a4590f538b69fdcc

    • SHA256

      a7b25c3995f6bc79c2075efbb0bbdbcc0a3cc7fccb920b6c760981cd866ed89a

    • SHA512

      fb04c05b3aacdae462c960fa10610b67f39ec3188d4d248e207853090d3809953b5a6fee96a58029aa13b5d526fec43161913842c230932b84063f61a2b4102e

    • SSDEEP

      12288:hnNXliRo0L376ujZIBalmrh0Jzw2NXegPTHrHlRwzYLSmhrWE:pfwo0LWujZIzrhQw2FegrHhRwzYLSwr

    Score
    10/10
    raccoonb11c37ed36597cb6d2adb8b6280a6e12stealer

    • Raccoon

      Raccoon is an infostealer written in C++ and first seen in 2019.

      stealerraccoon

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks