raccoon | 57aebd6f3706b060ddb0ed2f14b87824453a33e5b3c20e9cf4ebf781a9f2daa1 | Triage

Submit
Reports

Overview

overview

Static

static

1

57aebd6f37...a1.exe

windows7-x64

7

57aebd6f37...a1.exe

windows10-2004-x64

Sharing

General

Target

57aebd6f3706b060ddb0ed2f14b87824453a33e5b3c20e9cf4ebf781a9f2daa1
Size

2.2MB
Sample

230623-g85bmsea7s
MD5

b0dfa822d96f5bd151b1d722aed33ebd
SHA1

9525815d874c7e57c699bea77eeefadc170f0802
SHA256

57aebd6f3706b060ddb0ed2f14b87824453a33e5b3c20e9cf4ebf781a9f2daa1
SHA512

4303ccb31f04682128fcc87a5709e11373e23507247f6578cffe9ccdc1018456a870397ba0d95c522bbea55a3b96b65827694ac5076551fd54d803e561ef3830
SSDEEP

24576:AvymYiaasIgssKvHcU1tFDaJa/4wBhWZO2ltEP41kdOOVN+JJ0Q7gPYRWDPK9IZf:A2NDEA7ShXA1U/P+nB0WWDQkAqEeuL3

Score

10^/10

raccoon 00327046a5bb30980ad6fa849f564581 stealer upx

Static task

static1

Behavioral task

behavioral1

Sample

57aebd6f3706b060ddb0ed2f14b87824453a33e5b3c20e9cf4ebf781a9f2daa1.exe

Resource

win7-20230621-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

57aebd6f3706b060ddb0ed2f14b87824453a33e5b3c20e9cf4ebf781a9f2daa1.exe

Resource

win10v2004-20230621-en

raccoon 00327046a5bb30980ad6fa849f564581 stealer upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

raccoon

Botnet

00327046a5bb30980ad6fa849f564581

C2

http://5.42.64.13:80/

http://5.42.64.12:80/

xor.plain

Targets

- Target
  
  57aebd6f3706b060ddb0ed2f14b87824453a33e5b3c20e9cf4ebf781a9f2daa1
- Size
  
  2.2MB
- MD5
  
  b0dfa822d96f5bd151b1d722aed33ebd
- SHA1
  
  9525815d874c7e57c699bea77eeefadc170f0802
- SHA256
  
  57aebd6f3706b060ddb0ed2f14b87824453a33e5b3c20e9cf4ebf781a9f2daa1
- SHA512
  
  4303ccb31f04682128fcc87a5709e11373e23507247f6578cffe9ccdc1018456a870397ba0d95c522bbea55a3b96b65827694ac5076551fd54d803e561ef3830
- SSDEEP
  
  24576:AvymYiaasIgssKvHcU1tFDaJa/4wBhWZO2ltEP41kdOOVN+JJ0Q7gPYRWDPK9IZf:A2NDEA7ShXA1U/P+nB0WWDQkAqEeuL3
Score

10^/10

upx raccoon 00327046a5bb30980ad6fa849f564581 stealer
- Raccoon
  Raccoon is an infostealer written in C++ and first seen in 2019.
  stealer raccoon
- Raccoon Stealer payload
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

raccoon00327046a5bb30980ad6fa849f564581stealerupx

© 2018-2024

Terms | Privacy