General

  • Target: tmp
  • Size: 1.1MB
  • Sample: 230510-1wsa4aae42
  • MD5: 849ca256b617969e263ac005d1657fee
  • SHA1: 429e8f10e14fd11d7b15715689a86b1e4f0275c4
  • SHA256: 52f7559453685d0c3f7c133af17d39ae40b09f403b792e1065d2529a5b6c3992
  • SHA512: f120471e04b0c2312fcb630874d314338e68488512ceeedc260312c4ba570b367f602e44c26a756c64e5f84e75f69c66643433f836a7be481a6e2f2cb74c2dc5
  • SSDEEP: 6144:EhQs0F6/DrcrgG5WwO4dqAO0y/Qas3CKcgnTIxViT1qH0WUi+gCsoSvi:EhQsP/DrcrgcUGyngTIs1q5boSvi

Malware Config

Extracted

  • Family: raccoon
  • Botnet: b11c37ed36597cb6d2adb8b6280a6e12
  • C2: http://94.142.138.32
  • xor.plain

Targets

    • Target: tmp (1.1MB; same MD5/SHA1/SHA256/SHA512/SSDEEP as listed under General)
    • Raccoon: Raccoon is an infostealer written in C++ and first seen in 2019.
    • Suspicious use of SetThreadContext
