raccoon | 5352ad7b62ac6a38bf4997ef0934c6cbb5c3c38bf71607bc309db3196ac20e02 | Triage

Sharing

General

Target

Use_2024_As_Passw0rd.rar
Size

14.5MB
Sample

230510-16dkpacc7t
MD5

564c2166383b77531e66ca6afcd08363
SHA1

11ed086b024681df2a938a90d34bdd77c43fbec3
SHA256

5352ad7b62ac6a38bf4997ef0934c6cbb5c3c38bf71607bc309db3196ac20e02
SHA512

d7fdaf322ebd8027a35558996097e5691f3bc3570dc657b26d88e304d93b7e557340c8b3b9e6ec6fe23b5edc2cefad6b7a0a631c9552958779d351802048ff3b
SSDEEP

393216:6VTmXsw7XdOnCBOZqeztOHzTUgNxuIhjgGqLt2:EaXswhOCg80tkzTp/uSt/

Score

10^/10

raccoon 1a02d3cb5468c8755bd1609c6c7a04ad stealer

Malware Config

Extracted

Family

raccoon

Botnet

1a02d3cb5468c8755bd1609c6c7a04ad

C2

http://37.220.87.68

http://83.217.11.14

http://94.142.138.125/

xor.plain

Targets

- Target
  
  Use_2024_As_Passw0rd.rar
- Size
  
  14.5MB
- MD5
  
  564c2166383b77531e66ca6afcd08363
- SHA1
  
  11ed086b024681df2a938a90d34bdd77c43fbec3
- SHA256
  
  5352ad7b62ac6a38bf4997ef0934c6cbb5c3c38bf71607bc309db3196ac20e02
- SHA512
  
  d7fdaf322ebd8027a35558996097e5691f3bc3570dc657b26d88e304d93b7e557340c8b3b9e6ec6fe23b5edc2cefad6b7a0a631c9552958779d351802048ff3b
- SSDEEP
  
  393216:6VTmXsw7XdOnCBOZqeztOHzTUgNxuIhjgGqLt2:EaXswhOCg80tkzTp/uSt/
Score

10^/10

raccoon 1a02d3cb5468c8755bd1609c6c7a04ad stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

raccoon1a02d3cb5468c8755bd1609c6c7a04adstealer

behavioral2

raccoon1a02d3cb5468c8755bd1609c6c7a04adstealer