raccoon | 91dc9d4244f9042ddaf4a1e19c38697739acfb29a674c5f64307c666b98587e5 | Triage

Submit
Reports

Overview

overview

Static

static

3

OriginalBu...ed.exe

windows10-1703-x64

Sharing

General

Target

OriginalBuild-noAnti-cleaned_Slayed.exe
Size

254KB
Sample

230617-rz9vwaca99
MD5

d74faea7b03c50e52765b9267742766f
SHA1

003fe6b38214c3d09f63b9addf8dffefb2c8e4c8
SHA256

91dc9d4244f9042ddaf4a1e19c38697739acfb29a674c5f64307c666b98587e5
SHA512

1516e193e965a570f3df949030c484b1abaca99975b834b2b4489a66391225a98adc1e8ec367a9955b31bcb9a6cb74114585fe181a86d672e7d27967e635b1c9
SSDEEP

6144:AqCXwQB0GlRj+JDvdDrbE/8rA27oPEg4UkkX0cD:AJXwQIvdDdAXPEr+

Score

10^/10

raccoon 91c4c1e32c1544bd463348a0c42e7865 stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

OriginalBuild-noAnti-cleaned_Slayed.exe

Resource

win10-20230220-en

raccoon 91c4c1e32c1544bd463348a0c42e7865 stealer

windows10-1703-x64

14 signatures

60 seconds

Malware Config

Extracted

Family

raccoon

Botnet

91c4c1e32c1544bd463348a0c42e7865

C2

http://94.142.138.102:80/

xor.plain

Targets

- Target
  
  OriginalBuild-noAnti-cleaned_Slayed.exe
- Size
  
  254KB
- MD5
  
  d74faea7b03c50e52765b9267742766f
- SHA1
  
  003fe6b38214c3d09f63b9addf8dffefb2c8e4c8
- SHA256
  
  91dc9d4244f9042ddaf4a1e19c38697739acfb29a674c5f64307c666b98587e5
- SHA512
  
  1516e193e965a570f3df949030c484b1abaca99975b834b2b4489a66391225a98adc1e8ec367a9955b31bcb9a6cb74114585fe181a86d672e7d27967e635b1c9
- SSDEEP
  
  6144:AqCXwQB0GlRj+JDvdDrbE/8rA27oPEg4UkkX0cD:AJXwQIvdDdAXPEr+
Score

10^/10

raccoon 91c4c1e32c1544bd463348a0c42e7865 stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Raccoon Stealer payload
- Blocklisted process makes network request
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

raccoon91c4c1e32c1544bd463348a0c42e7865stealer

© 2018-2024

Terms | Privacy