Overview

overview

10

Static

static

3

b6f7590b08...c3.exe

windows7-x64

10

b6f7590b08...c3.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    80s
  • max time network
    102s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230221-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230221-enlocale:en-usos:windows10-2004-x64system
  • submitted
    20-06-2023 08:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b6f7590b08d254d5e203c0dd1307cfc3.exe

  • Size

    16.3MB

  • MD5

    b6f7590b08d254d5e203c0dd1307cfc3

  • SHA1

    4276690cde09f8dc343b869a206d723f6e095a39

  • SHA256

    a69eda298867c4f681ba85d6b9e63d4ac5a6865498d10e3ee939cf3533d150d6

  • SHA512

    99d562a74f271a8d428f23817d95d465d2bff889c9ef18a975451e61655ebabcc7dae90874f0590aeb210c34ef65dcef27612d7bac95ea638f527617ff3a33a5

  • SSDEEP

    196608:CzYb3pRrsY07EQGOcoUnxLVdDCDLU4T5X0UwqIXZsdb56rBPTLprGOXaPVBEf5QR:CzYg/YQGOcfnxLD6T5JwquZKOLpGNPz

Score
10/10
raccoonstealer

Malware Config

Signatures

  • Raccoon

    Raccoon is an infostealer written in C++ and first seen in 2019.

    stealerraccoon
  • Raccoon Stealer payload 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\b6f7590b08d254d5e203c0dd1307cfc3.exe
    "C:\Users\Admin\AppData\Local\Temp\b6f7590b08d254d5e203c0dd1307cfc3.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    PID:2316

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2316-133-0x0000000001EF0000-0x0000000001EF1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2316-134-0x0000000000400000-0x0000000001E14000-memory.dmp

    Filesize

    26.1MB

    Download