General

  • Target: 6c8a2cea4dbf018262fc7ccf569de510c0a58612806a2be73a68d82f7b05d1c1
  • Size: 3.4MB
  • Sample: 230612-3jvlsseb65
  • MD5: a8c1f96c58503a9c766c7ed239263260
  • SHA1: 37069d83d46b51baceb396c1947891e3974e7594
  • SHA256: 6c8a2cea4dbf018262fc7ccf569de510c0a58612806a2be73a68d82f7b05d1c1
  • SHA512: c52b7dd8b56f955f8d88380d718045a02cbd7832caff6941e611465ef54cc8dad680055d9d2abdf27e5d354ebd079547e53ceb8f56e74678b999e0185969cb35
  • SSDEEP: 49152:i+vDJjWt5tw0YCFs7JojDRmrlOt9lSyA8a0c1bEP0EDrmLKW2l6a77Z:i+vDJjWt5tRYTUe0fJKJbpKWi1

Malware Config

Extracted

  • Family: raccoon
  • Botnet: f80018d0f7c5463eabb5c698eb201532
  • C2:
    http://5.42.65.18:80/
    http://5.42.64.13:80/
    http://5.42.65.17:80/
    http://5.42.65.12:80/
  • xor.plain

Targets

    • Target: 6c8a2cea4dbf018262fc7ccf569de510c0a58612806a2be73a68d82f7b05d1c1
    • Size: 3.4MB
    • MD5: a8c1f96c58503a9c766c7ed239263260
    • SHA1: 37069d83d46b51baceb396c1947891e3974e7594
    • SHA256: 6c8a2cea4dbf018262fc7ccf569de510c0a58612806a2be73a68d82f7b05d1c1
    • SHA512: c52b7dd8b56f955f8d88380d718045a02cbd7832caff6941e611465ef54cc8dad680055d9d2abdf27e5d354ebd079547e53ceb8f56e74678b999e0185969cb35
    • SSDEEP: 49152:i+vDJjWt5tw0YCFs7JojDRmrlOt9lSyA8a0c1bEP0EDrmLKW2l6a77Z:i+vDJjWt5tRYTUe0fJKJbpKWi1

    • Raccoon
      Raccoon is an infostealer written in C++ and first seen in 2019.
    • Executes dropped EXE
    • Loads dropped DLL
    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks