raccoon | f63154fccd7521dbe450f56aefff2a73d199489f8b68be7bd03befc5a98ddc36 | Triage

Submit
Reports

Overview

overview

Static

static

3

dridex

windows10-2004-x64

Sharing

General

Target

f63154fccd7521dbe450f56aefff2a73d199489f8b68be7bd03befc5a98ddc36
Size

336KB
Sample

230618-heh2zsfb6t
MD5

e94ec358349808b167fe25704bbb1c43
SHA1

6c48cab4905b96605d64de1718c6fe07b17392c0
SHA256

f63154fccd7521dbe450f56aefff2a73d199489f8b68be7bd03befc5a98ddc36
SHA512

a2a890b872704b49b0692b077439ee2a65e73641553729f614c5b230df0591d59984f3d564ffde9d11223133bedaf4a70e2db7075b4e5ca9de9d8bd5f7798ad7
SSDEEP

6144:b46HZImXdPNhShn6XpLaJba4XcwfkBYuOVx6rfWd+V9nJ2/FnRy5pg:b46HZlXXhOnY9a9PswfkBYuo0DLnJ2dP

Score

10^/10

raccoon a8557a01243914ccfb9f74ba3a926fa2 stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

f63154fccd7521dbe450f56aefff2a73d199489f8b68be7bd03befc5a98ddc36.exe

Resource

win10v2004-20230220-en

raccoon a8557a01243914ccfb9f74ba3a926fa2 stealer

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

raccoon

Botnet

a8557a01243914ccfb9f74ba3a926fa2

C2

http://5.42.64.17:80/

http://5.42.65.62:80/

xor.plain

Targets

- Target
  
  f63154fccd7521dbe450f56aefff2a73d199489f8b68be7bd03befc5a98ddc36
- Size
  
  336KB
- MD5
  
  e94ec358349808b167fe25704bbb1c43
- SHA1
  
  6c48cab4905b96605d64de1718c6fe07b17392c0
- SHA256
  
  f63154fccd7521dbe450f56aefff2a73d199489f8b68be7bd03befc5a98ddc36
- SHA512
  
  a2a890b872704b49b0692b077439ee2a65e73641553729f614c5b230df0591d59984f3d564ffde9d11223133bedaf4a70e2db7075b4e5ca9de9d8bd5f7798ad7
- SSDEEP
  
  6144:b46HZImXdPNhShn6XpLaJba4XcwfkBYuOVx6rfWd+V9nJ2/FnRy5pg:b46HZlXXhOnY9a9PswfkBYuo0DLnJ2dP
Score

10^/10

raccoon a8557a01243914ccfb9f74ba3a926fa2 stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Raccoon Stealer payload
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

raccoona8557a01243914ccfb9f74ba3a926fa2stealer

© 2018-2024

Terms | Privacy