Resubmissions

  • 13-06-2023 13:21  230613-ql4w2agc84  3
  • 13-06-2023 09:01  230613-kyvagafe94  10

General

  • Target: FileSetupThere+.rar
  • Size: 15.0MB
  • Sample: 230613-kyvagafe94
  • MD5: b60ee47ca52121cfa03fc19213b18ab2
  • SHA1: 6c8c8537547e5ab76bbf4451818d6eccb6311219
  • SHA256: e63738463dcbc69fd4a7e7df7702b2a9453cb315290ad577e662d804fa6a3d97
  • SHA512: fbbd98261888c21e036001dc64b9ef13ec4e957e31578433a515bcedfab87992f5fd1fc1c74fef62cb6ffb18cac0cc34c2b4eaa9321acedfdc5ab796dc4a883a
  • SSDEEP: 393216:KanehXz9RZ9YMwjXj+WfGesT5bU2jmYhO1c:NnOJRz2SWfG5RKkZ

Malware Config

Extracted

  • Family: raccoon
  • Botnet: 13718a923845c0cdab8ce45c585b8d63
  • C2: http://94.142.138.175/
  • xor.plain

Targets

    • Target: setup.exe
    • Size: 992.0MB
    • MD5: 839927958c92d3f6f9b743fc8d3d10ac
    • SHA1: d78c545063e2344e52ef2156240f4bad5f0b7233
    • SHA256: bd1620b81553251856f5e2055d9e9fc1354b3917c26ee2a1ba36ff072650da46
    • SHA512: 497419dec1a7e94ebb31491524f0191cbf512cb21384f6e406cd060d1042f4ffb9da5715a40d371355bc3bbebb46a707136082d04cc971399ce7eecec2449d53
    • SSDEEP: 196608:dHmujQkv58sSw5u1CFwau9R4Rh9dK5A93UKX:dHjYk5/PusZSA93t
    • Raccoon: Raccoon is an infostealer written in C++ and first seen in 2019.
    • VMProtect packed file: Detects executables packed with the VMProtect commercial packer.

MITRE ATT&CK Matrix

Tasks