General

  • Target: file

  • Size: 332KB

  • Sample: 230512-nwzzqafb7v

  • MD5: c5674099c10fc02100253a248cd1d4f9

  • SHA1: 489a0dc2967bf1e0dd30e984eeaff4cd07ab8dae

  • SHA256: d6832a537c3e0be47b10e40736bed91c4768ace163b110d96c6700aabe6c5fb3

  • SHA512: 4c13a467a70a425d366d94dd2ba45fd8b7f3d12705aea99d418fa76be6d26bf37c6cd5d9363890be7dc69add4ff488aff6a4cdbd346851eea73cae0887d0e4cc

  • SSDEEP: 6144:xMtTVz4Zwp+e50XrDkodpbMk9d2p8gSqP4p1IOq:MajX2p8gSqO14

Malware Config

Extracted

  • Family: raccoon

  • Botnet: 073a56fe38eae9c7effa31d6284ce988

  • C2: http://5.39.117.99/

  • xor.plain

Targets

    • Raccoon: Raccoon is an infostealer written in C++ and first seen in 2019.

    • Blocklisted process makes network request

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks