General

  • Target

    4c8215f5fa1a70ccd5c5043ae9228820.exe

  • Size

    272KB

  • Sample

    230624-ql7b6acd8x

  • MD5

    4c8215f5fa1a70ccd5c5043ae9228820

  • SHA1

    3dcea1172e97fd16cdbd5f617634a19a22febc10

  • SHA256

    e441f76f21f624136a63e22a03fe2f32674d47e9869091524eb5037303e60a51

  • SHA512

    5e1e103972fb47043f1600211a330500c46ecf98624f4c3474bc69d27d004c124bff4ff8104403d752604ec37fcbd723269be12c983658a974825eaee769aefd

  • SSDEEP

    3072:ar8UjmAxpNoCHG6e6z2SARkyEQzYPVl4AETDtWVnvPxHadPF221s+s33UNf21MyW:vUjjsCHG6Pg/dYL4AADtWnR6dt22h

Malware Config

Targets

    • Target

      4c8215f5fa1a70ccd5c5043ae9228820.exe

    • Size

      272KB

    • MD5

      4c8215f5fa1a70ccd5c5043ae9228820

    • SHA1

      3dcea1172e97fd16cdbd5f617634a19a22febc10

    • SHA256

      e441f76f21f624136a63e22a03fe2f32674d47e9869091524eb5037303e60a51

    • SHA512

      5e1e103972fb47043f1600211a330500c46ecf98624f4c3474bc69d27d004c124bff4ff8104403d752604ec37fcbd723269be12c983658a974825eaee769aefd

    • SSDEEP

      3072:ar8UjmAxpNoCHG6e6z2SARkyEQzYPVl4AETDtWVnvPxHadPF221s+s33UNf21MyW:vUjjsCHG6Pg/dYL4AADtWnR6dt22h

    • Raccoon

      Raccoon is an infostealer written in C++ and first seen in 2019.

    • Raccoon Stealer payload

    • Downloads MZ/PE file

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks