Overview

overview

10

Static

static

3

3131f31a4b...17.exe

windows7-x64

10

3131f31a4b...17.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    112s
  • max time network
    131s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    12-05-2023 07:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3131f31a4b39b30cc4498c17115c2d24dc588835c9d609076058772d4a96a217.exe

  • Size

    4.0MB

  • MD5

    b0cec2ba22b65a3df5fcfd5ddcb24521

  • SHA1

    edd2f6c361e04ba7cdec857cffe75443b6e771c4

  • SHA256

    3131f31a4b39b30cc4498c17115c2d24dc588835c9d609076058772d4a96a217

  • SHA512

    7ed22a6082d97feec491d0c3554b935fc777bea4b90023b08e48c86a0d2c5f4d4f86d76683d9a3d35071eda7b083c7af0cab82810eecc25c20e8702d3325d147

  • SSDEEP

    98304:XUfKCK+RX3KLh12Hb8ECp0PmhaWDrJ+sASEtw9:XQXb78EKhaMV+sNWw9

Score
10/10
raccoon13718a923845c0cdab8ce45c585b8d63stealer

Malware Config

Extracted

Family

raccoon

Botnet

13718a923845c0cdab8ce45c585b8d63

C2

http://94.142.138.175/

xor.plain

Signatures

  • Raccoon

    Raccoon is an infostealer written in C++ and first seen in 2019.

    stealerraccoon
  • Suspicious behavior: EnumeratesProcesses 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3131f31a4b39b30cc4498c17115c2d24dc588835c9d609076058772d4a96a217.exe
    "C:\Users\Admin\AppData\Local\Temp\3131f31a4b39b30cc4498c17115c2d24dc588835c9d609076058772d4a96a217.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    PID:1200

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1200-133-0x0000000000400000-0x0000000000B16000-memory.dmp

    Filesize

    7.1MB

    Download

  • memory/1200-134-0x0000000000400000-0x0000000000B16000-memory.dmp

    Filesize

    7.1MB

    Download

  • memory/1200-136-0x0000000000C80000-0x0000000000C81000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1200-138-0x0000000000CB0000-0x0000000000CB1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1200-137-0x0000000000C90000-0x0000000000C91000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1200-139-0x0000000000CC0000-0x0000000000CC1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1200-140-0x0000000000CD0000-0x0000000000CD1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1200-141-0x0000000000CF0000-0x0000000000CF1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1200-142-0x0000000000400000-0x0000000000B16000-memory.dmp

    Filesize

    7.1MB

    Download

  • memory/1200-144-0x0000000000400000-0x0000000000B16000-memory.dmp

    Filesize

    7.1MB

    Download

  • memory/1200-146-0x0000000000400000-0x0000000000B16000-memory.dmp

    Filesize

    7.1MB

    Download