raccoon | 52f7559453685d0c3f7c133af17d39ae40b09f403b792e1065d2529a5b6c3992 | Triage

Sharing

General

Target

tmp
Size

1.1MB
Sample

230510-1wsa4aae42
MD5

849ca256b617969e263ac005d1657fee
SHA1

429e8f10e14fd11d7b15715689a86b1e4f0275c4
SHA256

52f7559453685d0c3f7c133af17d39ae40b09f403b792e1065d2529a5b6c3992
SHA512

f120471e04b0c2312fcb630874d314338e68488512ceeedc260312c4ba570b367f602e44c26a756c64e5f84e75f69c66643433f836a7be481a6e2f2cb74c2dc5
SSDEEP

6144:EhQs0F6/DrcrgG5WwO4dqAO0y/Qas3CKcgnTIxViT1qH0WUi+gCsoSvi:EhQsP/DrcrgcUGyngTIs1q5boSvi

Score

10^/10

raccoon b11c37ed36597cb6d2adb8b6280a6e12 stealer

Malware Config

Extracted

Family

raccoon

Botnet

b11c37ed36597cb6d2adb8b6280a6e12

C2

http://94.142.138.32

xor.plain

Targets

- Target
  
  tmp
- Size
  
  1.1MB
- MD5
  
  849ca256b617969e263ac005d1657fee
- SHA1
  
  429e8f10e14fd11d7b15715689a86b1e4f0275c4
- SHA256
  
  52f7559453685d0c3f7c133af17d39ae40b09f403b792e1065d2529a5b6c3992
- SHA512
  
  f120471e04b0c2312fcb630874d314338e68488512ceeedc260312c4ba570b367f602e44c26a756c64e5f84e75f69c66643433f836a7be481a6e2f2cb74c2dc5
- SSDEEP
  
  6144:EhQs0F6/DrcrgG5WwO4dqAO0y/Qas3CKcgnTIxViT1qH0WUi+gCsoSvi:EhQsP/DrcrgcUGyngTIs1q5boSvi
Score

10^/10

raccoon b11c37ed36597cb6d2adb8b6280a6e12 stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

raccoonb11c37ed36597cb6d2adb8b6280a6e12stealer